Lucene search
K
BuffaloOpen Xdmod

7 matches found

CVE
CVE
added 2019/05/02 7:38 p.m.46 views

CVE-2018-16988

Open XDMoD

9.8CVSS9.5AI score0.01603EPSS
CVE
CVE
added 2026/06/05 7:27 p.m.39 views

CVE-2026-45777

Open XDMoD (OpenXDMoD): A remote command-injection vulnerability allows an attacker to execute arbitrary system commands on the web server process, affecting versions 9.5.0–11.0.2. Root cause: OS command injection that can compromise confidentiality, integrity, and availability. Impact includes r...

9.8CVSS5.8AI score0.00388EPSS
CVE
CVE
added 2019/05/02 7:31 p.m.36 views

CVE-2018-16960

Open XDMoD

6.1CVSS5.9AI score0.0084EPSS
Web
CVE
CVE
added 2026/06/05 7:29 p.m.36 views

CVE-2026-45778

Open XDMoD

8.6CVSS5.4AI score0.00147EPSS
CVE
CVE
added 2019/05/02 7:33 p.m.34 views

CVE-2018-16961

CVE-2018-16961 affects Open XDMoD up to version 7.5.0, where the file parameter in html/gui/general/dl_publication.php allows path traversal, enabling remote attackers to read PDF files in arbitrary directories. Root cause: improper validation of the file parameter leading to directory traversal....

7.5CVSS7.5AI score0.02514EPSS
Web
CVE
CVE
added 2026/06/05 7:26 p.m.32 views

CVE-2026-45776

Open XDMoD (Open XDMoD) versions prior to 11.0.3 are affected when the optional Job Performance (SUPReMM) module is installed. A flaw in access control allows a crafted HTTPS POST to set a session variable used for authorization, enabling an attacker to view other users’ compute job efficiency me...

5.3CVSS5.4AI score0.00236EPSS
CVE
CVE
added 2026/06/05 7:30 p.m.32 views

CVE-2026-45779

CVE-2026-45779 affects OpenXDMoD: an unauthenticated SQL injection in Open XDMoD versions prior to 10.0.3 can lead to arbitrary SQL execution and complete compromise of the underlying database. The issue impacts all deployments

9.8CVSS6AI score0.00479EPSS