Vulnerabilities > Lynxtechnology > Twonky Server > 8.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-08 | CVE-2018-9182 | Cross-site Scripting vulnerability in Lynxtechnology Twonky Server Twonky Server before 8.5.1 has XSS via a modified "language" parameter in the Language section. | 4.3 |
| 2018-06-08 | CVE-2018-9177 | Cross-site Scripting vulnerability in Lynxtechnology Twonky Server Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen. | 4.3 |
| 2018-03-30 | CVE-2018-7203 | Cross-site Scripting vulnerability in Lynxtechnology Twonky Server Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all. | 4.3 |
| 2018-03-30 | CVE-2018-7171 | Path Traversal vulnerability in Lynxtechnology Twonky Server Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. | 5.0 |