Skip to main content

Xiao5Ucompany

2 CVEs product

Monthly

CVE-2018-14960 HIGH POC This Week

Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Xiao5Ucompany
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-14527 MEDIUM POC This Month

Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xiao5Ucompany
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
EPSS 1% CVSS 8.8
HIGH POC This Week

Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Xiao5Ucompany
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xiao5Ucompany
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy