CVE-2026-31956

< 4.4.1

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to

4.3MEDIUM

CVE-2026-31955

< 4.4.1

Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authe

4.9MEDIUM

CVE-2026-31953

< 4.4.1

Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored

6.4MEDIUM

CVE-2026-31952

>= 1.7.0 and < 4.4.1

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Versions

7.6HIGH

CVE-2025-62369

>= 4.1.0 and < 4.3.1

Xibo is an open source digital signage platform with a web content management system (CMS). Versions 4.3.0 and below contain a Rem

7.2HIGH

CVE-2024-43413

< 4.1.0

Xibo is an open source digital signage platform with a web content management system (CMS). Prior to version 4.1.0, a cross-site s

3.5LOW

CVE-2024-43412

< 4.1.0

Xibo is an open source digital signage platform with a web content management system (CMS). Prior to version 4.1.0, a cross-site s

4.6MEDIUM

CVE-2024-41804

>= 2.1.0 and < 3.3.12

Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API route inside the CMS responsib

6.5MEDIUM

CVE-2024-41803

>= 2.1.0 and < 3.3.12

Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsi

4.9MEDIUM

CVE-2024-41802

>= 2.1.0 and < 3.3.12

Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsi

8.1HIGH

CVE-2023-33181

>= 3.0.0 and < 3.3.5

Xibo is a content management system (CMS). Starting in version 3.0.0 and prior to version 3.3.5, some API routes will print a stac

4.3MEDIUM

CVE-2023-33180

>= 3.2.0 and < 3.3.5

Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to ve

6.5MEDIUM

CVE-2023-33179

>= 3.2.0 and < 3.3.5

Xibo is a content management system (CMS). An SQL injection vulnerability was discovered starting in version 3.2.0 and prior to ve

6.5MEDIUM

CVE-2023-33178

>= 1.4.0 and < 2.3.17

Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the /dataset/data/{id} API route ins

6.5MEDIUM

CVE-2023-33177

>= 1.8.0 and < 2.3.17

Xibo is a content management system (CMS). A path traversal vulnerability exists in the Xibo CMS whereby a specially crafted zip f

8.8HIGH

CVE-2013-4889

all versions

Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hi

CVE-2013-4888

all versions

Cross-site scripting (XSS) vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to inject arbitrary we

CVE-2013-4887

all versions

SQL injection vulnerability in index.php in Digital Signage Xibo 1.4.2 allows remote attackers to execute arbitrary SQL commands v

CVE-2013-5979

all versions

Directory traversal vulnerability in Spring Signage Xibo 1.2.x before 1.2.3 and 1.4.x before 1.4.2 allows remote attackers to read