6 matches found
EUVD-2019-2773
Malware in sbrugna...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
Server side request forgery (ssrf)
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
CVE-2019-11066
CVE-2019-11066 affects LightOpenID up to version 1.3.1, where openid.php is vulnerable to SSRF via a crafted OpenID 2.0 assertion request that uses HTTP GET. The vulnerability originates in LightOpenID’s handling of OpenID 2.0 assertion requests, enabling server-side requests to arbitrary destina...