Vulnerabilities > Gxlcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-07 CVE-2018-16655 Cross-site Scripting vulnerability in Gxlcms 1.0
Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php.
network
low complexity
gxlcms CWE-79
6.1
6.1
2018-09-05 CVE-2018-16437 Path Traversal vulnerability in Gxlcms 2.0
Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator.
network
low complexity
gxlcms CWE-22
4.9
4.9