Hashtopus Project: >> Hashtopus >> 1.5g Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Hashtopus 1.5g allows remote attackers to inject arbitrary web script or HTML via the query string to admin.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-07-27
SQL injection vulnerability in Hashtopus 1.5g allows remote authenticated users to execute arbitrary SQL commands via the format parameter in admin.php.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-07-27
Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-07-27