Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Buffalo Subscribe
Filtered by product Open Xdmod
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16960 1 Buffalo 1 Open Xdmod 2019-05-03 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/login.php has Reflected XSS via the xd_user_formal_name parameter.
CVE-2018-16961 1 Buffalo 1 Open Xdmod 2019-05-03 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories.