Vembu Storegrid vulnerabilities
2 known vulnerabilities affecting vembu/storegrid.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-10079P3MEDIUMCVSS 5.3PoCv4.42019-02-23
CVE-2014-10079 [MEDIUM] CWE-200 CVE-2014-10079: In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in
In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the "ipaddress" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash.
nvd
CVE-2014-10078P3MEDIUMCVSS 6.1PoCv4.42019-02-23
CVE-2014-10078 [MEDIUM] CWE-79 CVE-2014-10078: Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/register
Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php.
nvd