Rasilient: >> Pixelstor 5000 Security Vulnerabilities
languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthenticated attackers to remotely execute code via the lang parameter.
CVSS Score
9.8
EPSS Score
0.118
Published
2020-01-09
contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows authenticated attackers to remotely execute code via the name parameter.
CVSS Score
7.4
EPSS Score
0.009
Published
2020-01-09
A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows remote attackers to inject arbitrary web script or HTML via the ContentFrame parameter.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-01-09