CVSS: 6.1EPSS: 7%CPEs: 2EXPL: 4CVE-2020-25495 – SCO Openserver 5.0.7 - 'section' Reflected XSS
https://notcve.org/view.php?id=CVE-2020-25495
18 Dec 2020 — A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'. Una vulnerabilidad de tipo Cross-site scripting (XSS) reflejado en Xinuo (anteriormente SCO) Openserver versiones 5 y 6, permite a atacantes remotos inyectar un script web arbitrario o una etiqueta HTML por medio del parámetro "section" SCO Openserver version 5.0.7 suffers from a cross site scripting vulnerabil... • https://packetstorm.news/files/id/160634 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 58%CPEs: 2EXPL: 4CVE-2020-25494 – SCO Openserver 5.0.7 - 'outputform' Command Injection
https://notcve.org/view.php?id=CVE-2020-25494
18 Dec 2020 — Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook. Xinuos (anteriormente SCO) Openserver versiones v5 y v6, permite a atacantes ejecutar comandos arbitrarios por medio de metacaracteres de shell en los parámetros outputform o toclevels en cgi-bin/printbook SCO Openserver version 5.0.7 suffers from a command injection vulnerability. • https://packetstorm.news/files/id/160635 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 8%CPEs: 20EXPL: 8CVE-2004-0230 – TCP Connection Reset - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0230
05 May 2004 — TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes in... • https://www.exploit-db.com/exploits/291 •