Eyeos Project » Eyeos : Security Vulnerabilities, CVEs, Published In 2005
eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials.
Max CVSS
7.5
EPSS Score
1.83%
Published
2005-11-01
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter.
Max CVSS
4.3
EPSS Score
0.83%
Published
2005-11-01
Updated
2017-07-11
2 vulnerabilities found