CVE-2017-15872
CVE-2017-15872 affects phpwcms 1.8.9 with a cross-site scripting (XSS) vulnerability in include/inc_tmpl/admin.edituser.tmpl.php and include/inc_tmpl/admin.newuser.tmpl.php, exploitable via the username (new_login) field. The affected components are these two admin templates; the underlying cause...