Description Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280. Remediation References CVE-2018-14481 Related Vulnerabilities MySQL CVE-2018-3155 Vulnerability (CVE-2018-3155) WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1) WordPress 4.7.x Denial of Service Vulnerability (4.7 - 4.7.9) ATutor Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3368) MySQL CVE-2019-2502 Vulnerability (CVE-2019-2502) Severity Medium Classification CVE-2018-14481 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities