Filtered by vendor Iblsoft
Subscriptions
Filtered by product Online Weather
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-9407 | 1 Iblsoft | 1 Online Weather | 2024-11-21 | 5.3 Medium |
| IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie. | ||||
| CVE-2020-9406 | 1 Iblsoft | 1 Online Weather | 2024-11-21 | 9.8 Critical |
| IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service. | ||||
| CVE-2020-9405 | 1 Iblsoft | 1 Online Weather | 2024-11-21 | 6.1 Medium |
| IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page. | ||||
Page 1 of 1.