Vulnerabilities > Clonos

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-24	CVE-2019-18418	Session Fixation vulnerability in Clonos 19.09 clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management. network low complexity clonos CWE-384 critical	9.8
2019-10-24	CVE-2019-18419	Cross-site Scripting vulnerability in Clonos 19.09 A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. network low complexity clonos CWE-79	6.1

Vulnerabilities > Clonos {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Clonos"}]}