Every CVE whose affected-product data names Janrain Php-openid, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-2049 — CVSS 8.8 (high): examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the openid.realm parameter against the…
CVE-2013-4701 — CVSS 7.5 (high): Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet…
CVE-2011-3707 — CVSS 5.0 (medium): JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive information via a direct request to a .php…