CVE-2019-18419

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.0500%

EPSS Percentile12.29th

Published2019年10月24日

Last Modified2024年11月21日

Vulnerability Description

A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

Affected Platforms (CPE)

💻

Clonos

= 19.09

References & Advisories

🔗 https://github.com/Andhrimnirr/ClonOS-WEB-control-panel-multi-vulnerability

関連する脆弱性情報

CVE-2019-155719.8

The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php.

CVE-2019-184189.8

clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because ther...

CVE-2019-515110.0

An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a S...

CVE-2019-504910.0

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. ...