CVE-2018-5965

CMS Made Simple CMSMS 2.2.5 has XSS in admin/moduleinterface.php via the m1errors parameter...

WordPress plugin Frontend Uploader 'errors' parameter cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Frontend Uploader 'errors' parameter of the WordPress plugin because it...

Traq 2.2 - Multiple SQL Injections / Cross-Site Scripting

source: https://www.securityfocus.com/bid/49835/info Traq is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication...