Getid3 : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.
Max CVSS
6.1
EPSS Score
0.09%
Published
2021-10-01
Updated
2021-10-04
getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Max CVSS
7.5
EPSS Score
0.73%
Published
2014-06-04
Updated
2017-01-07
2 vulnerabilities found