📦

getid3

Vendor: getid3

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 1.88% Exploit Prob.

Latest CVE CVE-2021-40926 Oct 01

Security Vulnerability Index

Page 1 / 1

6.1 CVSS

CVE-2021-40926

Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.

EPSS: 0.28%

Severity: MEDIUM

Oct 01, 2021

7.5 CVSS

CVE-2014-2053

getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

EPSS: 3.48%

Severity: HIGH

Jun 04, 2014

Displaying 2 of 4 Total Entries

Total 1 Sections