Vulnerabilities > Appserv Open Project > Appserv > 2.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-21 | CVE-2008-2398 | Cross-Site Scripting vulnerability in Appserv Open Project Appserv Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter. | 4.3 |
| 2004-12-31 | CVE-2004-1532 | Remote Insecure Default Password vulnerability in AppServ Open Project AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access. | 7.5 |