Fomori Cherrymusic vulnerabilities
2 known vulnerabilities affecting fomori/cherrymusic.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2015-8309P3MEDIUMCVSS 4.3PoC≤ 0.35.22017-03-27
CVE-2015-8309 [MEDIUM] CWE-22 CVE-2015-8309: Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to
Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."
ghsanvdosv
CVE-2015-8310P4MEDIUMCVSS 5.4≤ 0.35.22017-03-27
CVE-2015-8310 [MEDIUM] CWE-79 CVE-2015-8310: Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated u
Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist.
ghsanvdosv