Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-2243 | Cross-site Scripting vulnerability in Dfactory Responsive Lightbox Cross-site scripting vulnerability in Responsive Lightbox prior to version 1.7.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2239 | Information Exposure vulnerability in Marp 0.0.10 Marp versions v0.0.10 and earlier may allow an attacker to access local resources and files using JavaScript. | 5.3 |
| 2017-07-07 | CVE-2017-2224 | Cross-site Scripting vulnerability in Web-Dorado Event Calendar WD Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2222 | Cross-site Scripting vulnerability in Butlerblog Wp-Members 3.1.7 Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2217 | Open Redirect vulnerability in Wpdownloadmanager Wordpress Download Manager Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2216 | Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2194 | Cross-site Scripting vulnerability in IPA Icodechecker Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2172 | Cross-site Scripting vulnerability in Cybozu Kunai Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-07-07 | CVE-2017-2146 | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu. | 4.8 |
| 2017-07-07 | CVE-2017-2145 | Session Fixation vulnerability in Cybozu Garoon Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors. | 5.4 |