Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-28 | CVE-2014-9557 | Cross-site Scripting vulnerability in Smartwebsites Smartcms 2.0 Multiple cross-site scripting (XSS) vulnerabilities in SmartCMS v.2. | 6.1 |
| 2017-08-28 | CVE-2014-9514 | Cross-site Scripting vulnerability in BMC Footprints Service Core 11.5 Cross-site scripting (XSS) vulnerability in BMC Footprints Service Core 11.5. | 6.1 |
| 2017-08-28 | CVE-2014-9469 | Cross-site Scripting vulnerability in Vbulletin Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3. | 6.1 |
| 2017-08-28 | CVE-2014-8753 | Cross-site Scripting vulnerability in Cit-E-Net Cit-E-Access 6.0 Multiple cross-site scripting (XSS) vulnerabilities in Cit-e-Net Cit-e-Access 6. | 6.1 |
| 2017-08-28 | CVE-2014-4925 | Cross-site Scripting vulnerability in Good for Enterprise 1.9.0.40/2.8.0.398 Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40. | 6.1 |
| 2017-08-28 | CVE-2014-0141 | Cross-site Scripting vulnerability in Redhat Satellite 6.0.3 Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3. | 6.1 |
| 2017-08-25 | CVE-2015-3257 | Cross-site Scripting vulnerability in Zend Diactoros Zend/Diactoros/Uri::filterPath in zend-diactoros before 1.0.4 does not properly sanitize path input, which allows remote attackers to perform cross-site scripting (XSS) or open redirect attacks. | 6.1 |
| 2017-08-25 | CVE-2017-13697 | Cross-site Scripting vulnerability in Finecms Project Finecms 5.0.11 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable. | 6.1 |
| 2017-08-24 | CVE-2015-4699 | Cross-site Scripting vulnerability in Cloud4Wi Splash Portal 5.9.6 Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote attackers to inject arbitrary web script or HTML via the recoveryMessage parameter to the default URI. | 6.1 |
| 2017-08-24 | CVE-2017-9555 | Cross-site Scripting vulnerability in Synology Photo Station Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 5.4 |