Opendesa: >> Opensid Security Vulnerabilities
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-07-01
OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-07-01
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-07-01