273 matches found
CVE-2020-25495
A reflected Cross-site scripting XSS vulnerability in Xinuo formerly SCO Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'...
CVE-2020-25494
Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...
CVE-2001-1578
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors...
CVE-1999-0893
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack...
Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities
New upgrades have been made to a Python-based "self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numero...
VulnCheck KEV: CVE-2020-25494
Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...
SCO Openserver 5.0.7 - 'section' Reflected XSS
Exploit Title: SCO Openserver 5.0.7 - 'section' Reflected XSS Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 14/06/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Tested on...
SCO Openserver 5.0.7 Command Injection
Exploit Title: SCO Openserver 5.0.7 - 'outputform' Command Injection Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 04/09/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products/ Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Test...
Xinuos Openserver Cross-Site Scripting Vulnerability
Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...
CVE-2020-25494
Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...
CVE-2020-25495
A reflected Cross-site scripting XSS vulnerability in Xinuo formerly SCO Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'...
CVE-2020-25495
A reflected Cross-site scripting XSS vulnerability in Xinuo formerly SCO Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'...
CVE-2020-25494
Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...
Cross site scripting
A reflected Cross-site scripting XSS vulnerability in Xinuo formerly SCO Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'...
Code injection
Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...
CVE-2020-25495
Xinuo (formerly SCO) Openserver v5/v6 is affected by a reflected XSS in the web interface, exploitable via the 'section' parameter due to inadequate input validation. Impact: arbitrary script execution and potential data leakage for users who load the affected pages. Remediation: apply the latest...
CVE-2020-25495
A reflected Cross-site scripting XSS vulnerability in Xinuo formerly SCO Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'...
CVE-2020-25494
CVE-2020-25494 affects Xinuos OpenServer v5/v6. The vulnerability is in the CGI component cgi-bin/printbook (parameters outputform and toclevels), enabling shell metacharacter input and arbitrary command execution. Exploitation details in public sources confirm OS command injection with remote, u...
CVE-2020-25494
Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...
Xinuos Openserver Parameter Injection Vulnerability
Xinuos Openserver is a FreeBSD-based operating system from the US company Xinuos. A security vulnerability exists in Xinuos formerly SCO Openserver versions v5 and v6 that allows an attacker to execute arbitrary commands to the cgi-bin printbook via the shell metacharacter outputform or toclevels...