Vulnerabilities > Fomori

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-27	CVE-2015-8310	Cross-site Scripting vulnerability in Fomori Cherrymusic 0.35.2 Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist. network low complexity fomori CWE-79	5.4
2017-03-27	CVE-2015-8309	Path Traversal vulnerability in Fomori Cherrymusic 0.35.2 Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download." network low complexity fomori CWE-22	4.3

Vulnerabilities > Fomori {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fomori"}]}