Vulnerabilities > Phpmywind > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2020-18230 | Cross-site Scripting vulnerability in PHPmywind 5.5 Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_switchshow" of component " /admin/web_config.php". | 3.5 |
| 2021-05-27 | CVE-2020-18229 | Cross-site Scripting vulnerability in PHPmywind 5.5 Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_copyright" of component " /admin/web_config.php". | 3.5 |
| 2019-09-23 | CVE-2019-16704 | Cross-site Scripting vulnerability in PHPmywind 5.6 admin/infoclass_update.php in PHPMyWind 5.6 has stored XSS. | 3.5 |
| 2019-02-18 | CVE-2019-8435 | Cross-site Scripting vulnerability in PHPmywind 5.5 admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. | 3.5 |
| 2018-09-17 | CVE-2018-17130 | Cross-site Scripting vulnerability in PHPmywind 5.5 PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header, | 3.5 |