Vulnerabilities > Openwebif Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-04	CVE-2021-38113	Cross-site Scripting vulnerability in Openwebif Project Openwebif In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) through 1.4.7, inserting JavaScript into the Add Bouquet feature of the Bouquet Editor (i.e., bouqueteditor/api/addbouquet?name=) leads to Stored XSS. network low complexity openwebif-project CWE-79	5.4
2018-12-21	CVE-2018-20332	Path Traversal vulnerability in Openwebif Project Openwebif An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices. network low complexity openwebif-project CWE-22	7.5
2017-09-18	CVE-2017-9333	Improper Input Validation vulnerability in Openwebif Project Openwebif 1.2.5 OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG function in the IpkgController class in plugin/controllers/ipkg.py, when the URL refers to an attacker-controlled web site with a Trojan horse package. network low complexity openwebif-project CWE-20	8.8
2017-06-22	CVE-2017-9807	Code Injection vulnerability in Openwebif Project Openwebif An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. network low complexity openwebif-project CWE-94 critical	9.8

Vulnerabilities > Openwebif Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Openwebif Project"}]}