Vulnerabilities > Wondercms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2014-8703 | Cross-site Scripting vulnerability in Wondercms 2014 Cross-site scripting (XSS) vulnerability in Wonder CMS 2014 allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
| 2017-03-17 | CVE-2014-8702 | Information Exposure vulnerability in Wondercms 2014 Wonder CMS 2014 allows remote attackers to obtain sensitive information by logging into the application with an array for the password, which reveals the installation path in an error message. | 5.3 |