VYPR
Vendor

LightOpenID

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2019-11066CriMay 10, 2019
    risk 0.64cvss 9.8epss 0.02

    openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method.

  • CVE-2009-2223Jun 26, 2009
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.