XHQ Security Vulnerabilities

CVE-2019-19285

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS attacks if unsuspecting users are tricked into accessing a malicious...

CVE-2019-19287

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without...

CVE-2019-19288

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious...

CVE-2019-19286

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web...

CVE-2019-19289

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious...

CVE-2019-19283

A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to adapt further attacks to the version in...

CVE-2019-19284

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate...

CVE-2019-13931

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow for an an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected ways for legitimate users. Successful exploitation requires for an attacker to...

CVE-2019-13932

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attac...

CVE-2019-13930

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user, who must be.....