In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.