Quixplorer Project Quixplorer vulnerabilities
2 known vulnerabilities affecting quixplorer_project/quixplorer.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-24902P3MEDIUMCVSS 6.1PoCfixed in 2.4.1v2.4.12021-01-07
CVE-2020-24902 [MEDIUM] CWE-79 CVE-2020-24902: Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validati
Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could us
nvd
CVE-2013-1642P4MEDIUMCVSS 6.1fixed in 2.5.52020-01-02
CVE-2013-1642 [MEDIUM] CWE-79 CVE-2013-1642: Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attacker
Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) selitems[], or (6) srt parameter to index.php or (7) the QUERY_STRING to index.php.
nvd