Opensid
by Opensid
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-13038 | Cri | 0.64 | 9.8 | 0.02 | Jul 1, 2018 | OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type. | ||
| CVE-2018-13040 | Hig | 0.57 | 8.8 | 0.01 | Jul 1, 2018 | OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI. | ||
| CVE-2018-13039 | Med | 0.40 | 6.1 | 0.01 | Jul 1, 2018 | OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI. |
- risk 0.64cvss 9.8epss 0.02
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type.
- risk 0.57cvss 8.8epss 0.01
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.
- risk 0.40cvss 6.1epss 0.01
OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.