Vulnerabilities > Iscripts > Eswap > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-16 | CVE-2018-10135 | Cross-site Scripting vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel. | 6.1 |
| 2018-04-11 | CVE-2018-10049 | Cross-site Scripting vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel. | 4.8 |