RSS   Podatności dla 'Opensid'   RSS

2018-07-01
 
CVE-2018-13040

CWE-352
 

 
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.

 
 
CVE-2018-13039

CWE-79
 

 
OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.

 
 
CVE-2018-13038

CWE-434
 

 
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type.

 


Copyright 2024, cxsecurity.com

 

Back to Top