3 matches found
CVE-2019-19998
Xiuno BBS 4.0 allows XXE via plugin/xnwechatpublic/route/token.php...
Sql injection
Xiuno BBS 4.0 allows XXE via plugin/xnwechatpublic/route/token.php...
CVE-2019-19998
CVE-2019-19998 affects Xiuno BBS 4.0. The vulnerability is an XXE in the file path plugin/xn_wechat_public/route/token.php, enabling potential external entity processing. Public sources list CVSSv2 base 5.0 (Network, Low attack complexity, No authentication, Partial confidentiality impact) and CV...