Filtered by vendor Opendesa
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-13039 | 1 Opendesa | 1 Opensid | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI. | |||||
CVE-2018-13038 | 1 Opendesa | 1 Opensid | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type. | |||||
CVE-2018-13040 | 1 Opendesa | 1 Opensid | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI. |