MidnightBSD

Advisories for craftedweb_project

CVE-2018-12919 MEDIUM

In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
craftedweb_project craftedweb *
CVE-2018-16450 MEDIUM

CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
craftedweb_project craftedweb *