Lucene search

Opendesa Security Vulnerabilities

cve

CVE-2018-13040

OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert...

8.8CVSS

8.6AI Score

0.001EPSS

2018-07-01 06:29 PM

cve

CVE-2018-13038

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf...

9.8CVSS

9.4AI Score

0.006EPSS

2018-07-01 06:29 PM

cve

CVE-2018-13039

OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari=...

6.1CVSS

6AI Score

0.001EPSS

2018-07-01 06:29 PM