Skip to main content
CVE-2012-5223 HIGH POC THREAT Act Now

The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 79.6%.

PHP Code Injection RCE Vbseo
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
79.6%
Threat
5.4
CVE-2012-4415 HIGH POC PATCH THREAT Act Now

Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 38.6%.

Buffer Overflow Denial Of Service RCE Fedora Guacamole
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
38.6%
Threat
4.2
CVE-2012-5231 HIGH POC This Week

miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Code Injection RCE Minicms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
5.0%
CVE-2012-4432 HIGH POC PATCH This Week

Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Optipng
NVD
CVSS 2.0
7.5
EPSS
3.6%
CVE-2012-1603 HIGH POC This Week

Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Nextbbs
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.8%
CVE-2012-5224 HIGH POC This Week

PHP remote file inclusion vulnerability in vb/includes/vba_cmps_include_bottom.php in vBadvanced CMPS 3.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Code Injection RCE Vbadvanced Cmps
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2012-5227 HIGH POC This Week

SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Peel Shopping
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-1602 HIGH POC This Week

user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Nextbbs
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2012-2240 HIGH This Week

scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Devscripts
NVD
CVSS 2.0
7.5
EPSS
1.0%
CVE-2012-5230 HIGH This Week

Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Com Jesubmit
NVD
CVSS 2.0
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy