Vulnerabilities > Quixplorer Project

DATE CVE VULNERABILITY TITLE RISK
2021-01-07 CVE-2020-24902 Cross-site Scripting vulnerability in Quixplorer Project Quixplorer
Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input.
network
low complexity
quixplorer-project CWE-79
6.1
2020-01-02 CVE-2013-1642 Cross-site Scripting vulnerability in Quixplorer Project Quixplorer
Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) selitems[], or (6) srt parameter to index.php or (7) the QUERY_STRING to index.php.
network
low complexity
quixplorer-project CWE-79
6.1