CVE-2018-18433
DESTOON B2B 7.0 contains a cross-site scripting (XSS) vulnerability in admin/category.inc.php, exploitable via the category[catname] parameter to admin.php. Affected component is the admin interface; root cause is unescaped user input flowing into the response. Public sources (NVD/CNVD/CVE record...