RSS   Vulnerabilities for 'SIDU'   RSS

2019-02-06
 
CVE-2019-7547

CWE-79
 

 
An issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS.

 
 
CVE-2019-7546

CWE-79
 

 
An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php page has a reflected Cross-site Scripting (XSS) vulnerability.

 


Copyright 2024, cxsecurity.com

 

Back to Top