CVE-2021-3340
- EPSS 0.3%
- Published 01.02.2021 22:15:14
- Last modified 21.11.2024 06:21:19
A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php?action=initLogon or modules/admin/DELETEIMAGE...
CVE-2019-13588
- EPSS 0.28%
- Published 26.07.2019 22:15:12
- Last modified 21.11.2024 04:25:16
A cross-site scripting (XSS) vulnerability in getPagingStart() in core/lists/PAGING.php in WIKINDX before 5.8.2 allows remote attackers to inject arbitrary web script or HTML via the PagingStart parameter.
CVE-2019-12930
- EPSS 0.37%
- Published 08.07.2019 20:15:10
- Last modified 21.11.2024 04:23:50
A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter.
CVE-2019-9961
- EPSS 0.24%
- Published 26.03.2019 19:29:03
- Last modified 21.11.2024 04:52:40
A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.