Vulnerabilities > Iscripts > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-16 | CVE-2018-10136 | Cross-site Scripting vulnerability in Iscripts Uberforx 2.2 iScripts UberforX 2.2 has Stored XSS in the "manage_settings" section of the Admin Panel via a value field to the /cms?section=manage_settings&action=edit URI. | 6.1 |
| 2018-04-16 | CVE-2018-10135 | Cross-site Scripting vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel. | 6.1 |
| 2018-04-11 | CVE-2018-10052 | Cross-site Scripting vulnerability in Iscripts Supportdesk 4.3 iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter. | 4.8 |
| 2018-04-11 | CVE-2018-10051 | Cross-site Scripting vulnerability in Iscripts Supportdesk 4.3 iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter. | 5.4 |
| 2018-04-11 | CVE-2018-10049 | Cross-site Scripting vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel. | 4.8 |
| 2018-04-04 | CVE-2018-9237 | Cross-site Scripting vulnerability in Iscripts Easycreate 3.2.1 iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field. | 5.4 |
| 2018-04-04 | CVE-2018-9236 | Cross-site Scripting vulnerability in Iscripts Easycreate 3.2.1 iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field. | 5.4 |
| 2018-04-04 | CVE-2018-9235 | Cross-site Scripting vulnerability in Iscripts Sonicbb 1.0 iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php. | 6.1 |