Vulnerabilities > Usvn

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-31	CVE-2020-17363	OS Command Injection vulnerability in Usvn USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. network low complexity usvn CWE-78 critical	9.9
2020-09-01	CVE-2020-25070	Cross-Site Request Forgery (CSRF) vulnerability in Usvn USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature. network low complexity usvn CWE-352	8.8
2020-09-01	CVE-2020-25069	Unspecified vulnerability in Usvn USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view. network low complexity usvn critical	9.8
2020-08-05	CVE-2020-17364	Cross-site Scripting vulnerability in Usvn User-Friendly SVN USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs. network low complexity usvn CWE-79	6.1
2018-11-15	CVE-2018-0695	Cross-site Scripting vulnerability in Usvn Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity usvn CWE-79	6.1

Vulnerabilities > Usvn {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Usvn"}]}