Vulnerabilities (CVE)

Filtered by vendor Craftedweb Project Subscribe
Filtered by product Craftedweb
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16450 1 Craftedweb Project 1 Craftedweb 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.
CVE-2018-12919 1 Craftedweb Project 1 Craftedweb 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.