Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2018-13038
Disclosure Date: July 01, 2018 (last updated November 26, 2024)
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type.
0
Attacker Value
Unknown
CVE-2018-13040
Disclosure Date: July 01, 2018 (last updated November 26, 2024)
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.
0
Attacker Value
Unknown
CVE-2018-13039
Disclosure Date: July 01, 2018 (last updated November 26, 2024)
OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.
0
