Skip to main content

Opensid

3 CVEs product

Monthly

CVE-2018-13040 HIGH POC This Week

OpenSID 18.06-pasca has a CSRF vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Opensid
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-13039 MEDIUM POC This Month

OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Opensid
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-13038 CRITICAL POC Act Now

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Opensid
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
EPSS 1% CVSS 8.8
HIGH POC This Week

OpenSID 18.06-pasca has a CSRF vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Opensid
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Opensid
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Opensid
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy