Vulnerabilities > Nucleuscms > Nucleus CMS > 3.70
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-10 | CVE-2018-16636 | Cross-site Scripting vulnerability in Nucleuscms Nucleus CMS 3.70 Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter. | 4.0 |
| 2015-07-08 | CVE-2015-5454 | Cross-site Scripting vulnerability in Nucleuscms Nucleus CMS 3.65/3.70 Cross-site scripting (XSS) vulnerability in Nucleus CMS allows remote attackers to inject arbitrary web script or HTML via the title parameter when adding a new item. | 4.3 |