Skip to main content

Ximdex

4 CVEs product

Monthly

CVE-2018-12273 MEDIUM POC This Month

The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ximdex
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12272 MEDIUM POC This Month

xowl/request.php in Ximdex 4.0 has XSS via the content parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Ximdex
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12047 MEDIUM POC This Month

xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters for non-negative values of n, as demonstrated by n equal to 0 through 12. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ximdex
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-11735 MEDIUM This Month

index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Ximdex
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ximdex
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

xowl/request.php in Ximdex 4.0 has XSS via the content parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Ximdex
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters for non-negative values of n, as demonstrated by n equal to 0 through 12. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ximdex
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Ximdex
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy