MidnightBSD

Advisories for rincewind_project

CVE-2018-14872 MEDIUM

An issue was discovered in Rincewind 0.1. A reinstall vulnerability exists because the parameter p of index.php and another file named commonPages.php allows an attacker to reinstall the product, with all data reset.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
rincewind_project rincewind 0.1
CVE-2018-14873 LOW

An issue was discovered in Rincewind 0.1. There is a cross-site scripting (XSS) vulnerability involving a p=account request to index.php and another file named commonPages.php.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
rincewind_project rincewind 0.1