VYPR

Xibo

by Xibosignage

Source repositories

CVEs (23)

  • CVE-2023-33179May 30, 2023
    risk 0.00cvss epss 0.01

    Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to version 3.3.5 in the `nameFilter` function used throughout the CMS. This allows an authenticated user to exfiltrate data from the Xibo database by…

  • CVE-2023-33178May 30, 2023
    risk 0.00cvss epss 0.01

    Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the `/dataset/data/{id}` API route inside the CMS starting in version 1.4.0 and prior to versions 2.3.17 and 3.3.5. This allows an authenticated user to exfiltrate data from the Xibo…

  • CVE-2013-4887Jan 29, 2014
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to execute arbitrary SQL commands via the displayid parameter.

Page 2 of 2