CVE-2015-2678
MetalGenix GeniXCMS before 0.0.2 is affected by multiple cross-site scripting (XSS) flaws. The vulnerability stems from unsanitized input in the cat parameter on gxadmin/index.php (for the categories page) and the page parameter on index.php, enabling remote attackers to inject arbitrary script/H...