VYPR
Vendor

IBL

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-9406CriFeb 26, 2020
    risk 0.64cvss 9.8epss 0.01

    IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.

  • CVE-2020-9405MedFeb 26, 2020
    risk 0.40cvss 6.1epss 0.01

    IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.

  • CVE-2020-9407MedFeb 26, 2020
    risk 0.34cvss 5.3epss 0.01

    IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.