RSS   Vulnerabilities for 'Xiao5ucompany'   RSS

2018-08-06
 
CVE-2018-14960

CWE-352
 

 
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp.

 
2018-07-23
 
CVE-2018-14527

CWE-79
 

 
Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements).

 


Copyright 2024, cxsecurity.com

 

Back to Top