Xinuos: >> Openserver >> 6.0 Security Vulnerabilities
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
CVSS Score
9.8
EPSS Score
0.392
Published
2020-12-18
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
CVSS Score
6.1
EPSS Score
0.081
Published
2020-12-18