Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-03 | CVE-2018-16371 | Cross-site Scripting vulnerability in Pescms Team 2.2.1 PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=User_group&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=. | 6.1 |
| 2018-09-02 | CVE-2018-16362 | Cross-site Scripting vulnerability in Mantisbt Source Integration An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. | 6.1 |
| 2018-09-02 | CVE-2018-16358 | Cross-site Scripting vulnerability in Dotclear A cross-site scripting (XSS) vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml. | 5.4 |
| 2018-09-02 | CVE-2018-16350 | Cross-site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0 WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic form[statcode] parameter. | 6.1 |
| 2018-09-02 | CVE-2018-16349 | Cross-site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0 WUZHI CMS 4.1.0 has XSS via the index.php?m=link&f=index&v=add form[remark] parameter. | 6.1 |
| 2018-09-02 | CVE-2018-16348 | Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name. | 4.8 |
| 2018-09-02 | CVE-2018-16347 | Cross-site Scripting vulnerability in Gleezcms Gleez CMS 1.2.0 An issue was discovered in Gleez CMS v1.2.0. | 6.1 |
| 2018-09-02 | CVE-2018-16346 | Cross-site Scripting vulnerability in Chemcms Project Chemcms 1.0.6 ChemCMS 1.0.6 has XSS via the "setting -> website information" field. | 4.8 |
| 2018-09-02 | CVE-2018-16342 | Cross-site Scripting vulnerability in Showdoc 1.8.0 ShowDoc v1.8.0 has XSS via a new page. | 5.4 |
| 2018-09-02 | CVE-2018-16330 | Cross-site Scripting vulnerability in Ipandao Editor.Md 1.5.0 Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element. | 6.1 |