Vulnerabilities > Xinuos > Openserver > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-18 | CVE-2020-25495 | Cross-site Scripting vulnerability in Xinuos Openserver 5.0.7/6.0 A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'. | 4.3 |
| 2020-12-18 | CVE-2020-25494 | Argument Injection or Modification vulnerability in Xinuos Openserver 5.0.7/6.0 Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook. | 7.5 |