Vulnerabilities > Quixplorer Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-07 | CVE-2020-24902 | Cross-site Scripting vulnerability in Quixplorer Project Quixplorer Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. | 6.1 |
2020-01-02 | CVE-2013-1642 | Cross-site Scripting vulnerability in Quixplorer Project Quixplorer Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) selitems[], or (6) srt parameter to index.php or (7) the QUERY_STRING to index.php. | 6.1 |