Skip to main content

Openpsa

2 CVEs product

Monthly

CVE-2018-1000526 HIGH POC This Week

Openpsa contains a XML Injection vulnerability in RSS file upload feature that can result in Remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Denial Of Service Openpsa
NVD GitHub
CVSS 3.0
7.5
EPSS
2.1%
CVE-2018-1000525 CRITICAL POC Act Now

openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request variables that can result in Possible information disclosure and remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Information Disclosure RCE PHP Openpsa
NVD GitHub
CVSS 3.0
9.8
EPSS
4.1%
EPSS 2% CVSS 7.5
HIGH POC This Week

Openpsa contains a XML Injection vulnerability in RSS file upload feature that can result in Remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Denial Of Service Openpsa
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request variables that can result in Possible information disclosure and remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Information Disclosure RCE +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy