Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
janrain php-openid vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-2049
examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the openid.realm parameter against the SERVER_NAME element in the SERVER superglobal array, which might allow remote malicious users to hijack the authentication of arbitrary users via v...
Janrain Php-openid
7.5
CVSSv2
CVE-2013-4701
Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and previous versions allows remote malicious users to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via XRDS data containing an external entity declaration in...
Janrain Php-openid
5
CVSSv2
CVE-2011-3707
JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Auth/Yadis/Yadis.php and certain other files.
Janrain Php-openid 2.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started