Vulnerabilities > Wikindx Project

DATE CVE VULNERABILITY TITLE RISK
2021-02-01 CVE-2021-3340 Cross-site Scripting vulnerability in Wikindx Project Wikindx
A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGES.php.
4.3
2019-07-26 CVE-2019-13588 Cross-site Scripting vulnerability in Wikindx Project Wikindx
A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter.
4.3
2019-07-08 CVE-2019-12930 Cross-site Scripting vulnerability in Wikindx Project Wikindx
A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter.
4.3
2019-03-26 CVE-2019-9961 Cross-site Scripting vulnerability in Wikindx Project Wikindx
A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
4.3