Xinuos

Openserver

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2020-25494

Exploit
  • EPSS 57.97%
  • Published 18.12.2020 15:15:12
  • Last modified 21.11.2024 05:18:03

Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.

6.1

CVE-2020-25495

Exploit
  • EPSS 4.23%
  • Published 18.12.2020 15:15:12
  • Last modified 21.11.2024 05:18:03

A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.