Opsview Opsview : Security vulnerabilities, CVEs published in 2013

Copy

CVE-2013-5695

Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/auditlog/, (2) PATH_INFO to info/host/ or (3) viewport/, (4) back parameter to login, or (5) "from" parameter to status/service/recheck.

Max CVSS

4.3

EPSS Score

0.13%

Published

2013-11-05

Updated

2013-11-07

CVE-2013-5694

SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the service_selection parameter.

Max CVSS

7.5

EPSS Score

0.58%

Published

2013-11-05

Updated

2013-11-07

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!