Kumbiaphp
1 CVEs
product
Monthly
KumbiaPHP through 1.1.1, in Development mode, allows XSS via the public/pages/kumbia PATH_INFO. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Kumbiaphp
NVD
GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-14146
PHP
EPSS 1%
CVSS 5.4
MEDIUM
POC
This Month
KumbiaPHP through 1.1.1, in Development mode, allows XSS via the public/pages/kumbia PATH_INFO. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Kumbiaphp
NVD
GitHub