Skip to main content

Openpne

2 CVEs product

Monthly

CVE-2013-5350 HIGH This Week

The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP RCE Openpne
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2013-2309 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Openpne
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH This Week

The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP RCE Openpne
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Openpne
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy