Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-30 | CVE-2018-11557 | Cross-site Scripting vulnerability in Yiban Easy Class Education Platform 2.0 YIBAN Easy class education platform 2.0 has XSS via the articlelist.php k parameter. | 6.1 |
| 2018-05-29 | CVE-2018-11549 | Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a form[qq_10]= substring. | 5.4 |
| 2018-05-29 | CVE-2018-11027 | Cross-site Scripting vulnerability in Ruckussecurity Icx7450-48 Firmware A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
| 2018-05-29 | CVE-2017-16010 | Cross-site Scripting vulnerability in I18Next i18next is a language translation framework. | 6.1 |
| 2018-05-29 | CVE-2018-1376 | Cross-site Scripting vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is vulnerable to cross-site scripting. | 6.1 |
| 2018-05-29 | CVE-2018-11532 | Cross-site Scripting vulnerability in Changuondyu Advanced Statistics Project Changuondyu Advanced Statistics 1.0.2 An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. | 6.1 |
| 2018-05-28 | CVE-2018-11430 | Cross-site Scripting vulnerability in Moderator LOG Notes Project Moderator LOG Notes 1.1 An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. | 5.4 |
| 2018-05-28 | CVE-2018-11512 | Cross-site Scripting vulnerability in Creatiwity Witycms 0.6.1 Stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to admin/settings/general. | 4.8 |
| 2018-05-26 | CVE-2018-11501 | Cross-site Scripting vulnerability in Website Seller Script Project Website Seller Script 2.0.3 PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2, with resultant XSS. | 8.8 |
| 2018-05-26 | CVE-2018-11487 | Cross-site Scripting vulnerability in PHPmywind 5.5 PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php. | 6.1 |