Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.opencms/opencms-core@7.0.3
Typemaven
Namespaceorg.opencms
Nameopencms-core
Version7.0.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version11.0.1
Latest_non_vulnerable_version11.0.1
Affected_by_vulnerabilities
0
url VCID-5fhr-1sjb-jfbc
vulnerability_id VCID-5fhr-1sjb-jfbc
summary 
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1301
reference_id
reference_type
scores
0
value 0.03125
scoring_system epss
scoring_elements 0.87079
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1301
1
reference_url http://securityreason.com/securityalert/3731
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/3731
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/41096
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/41096
3
reference_url https://github.com/alkacon/opencms-core
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core
4
reference_url https://github.com/alkacon/opencms-core/commit/7b73b5559c1b025dfe0f7b38ed4119c25b9df409
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core/commit/7b73b5559c1b025dfe0f7b38ed4119c25b9df409
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1301
reference_id CVE-2008-1301
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-1301
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31366.txt
reference_id CVE-2008-1301;OSVDB-42785
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31366.txt
7
reference_url https://github.com/advisories/GHSA-xxjj-jhgc-r68f
reference_id GHSA-xxjj-jhgc-r68f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxjj-jhgc-r68f
fixed_packages
0
url pkg:maven/org.opencms/opencms-core@7.0.5
purl pkg:maven/org.opencms/opencms-core@7.0.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.opencms/opencms-core@7.0.5
aliases CVE-2008-1301, GHSA-xxjj-jhgc-r68f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5fhr-1sjb-jfbc
1
url VCID-78uz-habg-3bg7
vulnerability_id VCID-78uz-habg-3bg7
summary 
Alkacon OpenCMS XSS via searchfilter parameter in system/workplace/admin/workplace/sessions.jsp
Cross-site scripting (XSS) vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the searchfilter parameter, a different vector than CVE-2008-1510.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1753
reference_id
reference_type
scores
0
value 0.0034
scoring_system epss
scoring_elements 0.56972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1753
1
reference_url http://securityreason.com/securityalert/3808
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/3808
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/41675
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/41675
3
reference_url https://github.com/alkacon/opencms-core
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1753
reference_id CVE-2008-1753
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-1753
5
reference_url https://github.com/advisories/GHSA-4r3g-w24c-gpr6
reference_id GHSA-4r3g-w24c-gpr6
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4r3g-w24c-gpr6
fixed_packages
0
url pkg:maven/org.opencms/opencms-core@7.0.4
purl pkg:maven/org.opencms/opencms-core@7.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.opencms/opencms-core@7.0.4
aliases CVE-2008-1753, GHSA-4r3g-w24c-gpr6
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-78uz-habg-3bg7
2
url VCID-gsq3-satw-skdz
vulnerability_id VCID-gsq3-satw-skdz
summary 
Alkacon OpenCMS XSS via file tree navigation in system/workplace/views/explorer/tree_files.jsp
Cross-site scripting (XSS) vulnerability in the file tree navigation function in system/workplace/views/explorer/tree_files.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1045
reference_id
reference_type
scores
0
value 0.00564
scoring_system epss
scoring_elements 0.6871
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1045
1
reference_url http://securityreason.com/securityalert/3702
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/3702
2
reference_url https://github.com/alkacon/opencms-core
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core
3
reference_url https://github.com/alkacon/opencms-core/commit/49c5beded65bf0232cab61b1299b85dee9ae2014
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core/commit/49c5beded65bf0232cab61b1299b85dee9ae2014
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1045
reference_id CVE-2008-1045
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-1045
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/31299.txt
reference_id CVE-2008-1045;OSVDB-42357
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/31299.txt
6
reference_url https://www.securityfocus.com/bid/27986/info
reference_id CVE-2008-1045;OSVDB-42357
reference_type exploit
scores
url https://www.securityfocus.com/bid/27986/info
7
reference_url https://github.com/advisories/GHSA-v965-wwrq-gxfg
reference_id GHSA-v965-wwrq-gxfg
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v965-wwrq-gxfg
fixed_packages
0
url pkg:maven/org.opencms/opencms-core@7.0.4
purl pkg:maven/org.opencms/opencms-core@7.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.opencms/opencms-core@7.0.4
aliases CVE-2008-1045, GHSA-v965-wwrq-gxfg
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsq3-satw-skdz
3
url VCID-nnhu-zknw-fqgn
vulnerability_id VCID-nnhu-zknw-fqgn
summary 
Alkacon OpenCMS XSS via searchfilter or listSearchFilter parameter
Cross-site scripting (XSS) vulnerability in system/workplace/admin/accounts/users_list.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) searchfilter or (2) listSearchFilter parameter.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1510
reference_id
reference_type
scores
0
value 0.00564
scoring_system epss
scoring_elements 0.6871
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1510
1
reference_url http://securityreason.com/securityalert/3777
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/3777
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/41390
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/41390
3
reference_url https://github.com/alkacon/opencms-core
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core
4
reference_url https://github.com/alkacon/opencms-core/commit/49c5beded65bf0232cab61b1299b85dee9ae2014
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core/commit/49c5beded65bf0232cab61b1299b85dee9ae2014
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1510
reference_id CVE-2008-1510
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-1510
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/31475.txt
reference_id CVE-2008-1510;OSVDB-43801
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/jsp/webapps/31475.txt
7
reference_url https://www.securityfocus.com/bid/28411/info
reference_id CVE-2008-1510;OSVDB-43801
reference_type exploit
scores
url https://www.securityfocus.com/bid/28411/info
8
reference_url https://github.com/advisories/GHSA-4fg8-5hwc-wg5v
reference_id GHSA-4fg8-5hwc-wg5v
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4fg8-5hwc-wg5v
fixed_packages
0
url pkg:maven/org.opencms/opencms-core@7.0.4
purl pkg:maven/org.opencms/opencms-core@7.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.opencms/opencms-core@7.0.4
aliases CVE-2008-1510, GHSA-4fg8-5hwc-wg5v
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnhu-zknw-fqgn
4
url VCID-wkwj-66qj-dqfh
vulnerability_id VCID-wkwj-66qj-dqfh
summary 
Alkacon Open CMS XSS via Logfile Viewer Settings function
Cross-site scripting (XSS) vulnerability in the Logfile Viewer Settings function in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the filePath.0 parameter in a save action, a different vector than CVE-2008-1045.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1300
reference_id
reference_type
scores
0
value 0.00574
scoring_system epss
scoring_elements 0.69048
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1300
1
reference_url http://securityreason.com/securityalert/3731
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url http://securityreason.com/securityalert/3731
2
reference_url https://github.com/alkacon/opencms-core
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core
3
reference_url https://github.com/alkacon/opencms-core/commit/7b73b5559c1b025dfe0f7b38ed4119c25b9df409
reference_id
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/alkacon/opencms-core/commit/7b73b5559c1b025dfe0f7b38ed4119c25b9df409
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-1300
reference_id CVE-2008-1300
reference_type
scores
0
value 1.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-1300
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31365.txt
reference_id CVE-2008-1300;OSVDB-42784
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31365.txt
6
reference_url https://www.securityfocus.com/bid/28152/info
reference_id CVE-2008-1301;OSVDB-42785
reference_type exploit
scores
url https://www.securityfocus.com/bid/28152/info
7
reference_url https://github.com/advisories/GHSA-w3v2-vfrj-j9g8
reference_id GHSA-w3v2-vfrj-j9g8
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w3v2-vfrj-j9g8
fixed_packages
0
url pkg:maven/org.opencms/opencms-core@7.0.5
purl pkg:maven/org.opencms/opencms-core@7.0.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.opencms/opencms-core@7.0.5
aliases CVE-2008-1300, GHSA-w3v2-vfrj-j9g8
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wkwj-66qj-dqfh
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.opencms/opencms-core@7.0.3