Open xdmod

This hub aggregates every CVE we track for Open xdmod, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 7 most recently published vulnerabilities affecting Open xdmod.

• CVE-2026-45779Open XDMoD Vulnerable to Unauthenticated SQL Injection Leading to Full Database Compromise9.8Jun 5, 2026
• CVE-2026-45778Open XDMoD Vulnerable to Reflected Cross-Site Scripting (XSS) in Password Reset5.4Jun 5, 2026
• CVE-2026-45777Open XDMoD Vulnerable to Unauthenticated Remote Code Execution (RCE) via OS Command Injection9.8Jun 5, 2026
• CVE-2026-45776Open XDMoD has Broken Access Control via Client-Controlled Session Variable4.3Jun 5, 2026
• CVE-2018-16988An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value require...9.8May 2, 2019
• CVE-2018-16961An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary direc...7.5May 2, 2019
• CVE-2018-16960An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/login.php has Reflected XSS via the xd_user_formal_name parameter.6.1May 2, 2019