Skip to main content
CVE-2012-6046 CRITICAL POC THREAT Emergency

Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 15.7%.

PHP Code Injection RCE Php Enter
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
15.7%
Threat
4.0
CVE-2012-6050 MEDIUM POC This Month

The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mikrotik Denial Of Service Routeros
NVD Exploit-DB
CVSS 2.0
6.4
EPSS
8.6%
CVE-2012-6047 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that add a user to an arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP X7 Chat
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-6048 MEDIUM POC This Month

Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of service (crash) via a long string in a gpx file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Guitar Pro
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
7.4%
CVE-2012-4614 CRITICAL Act Now

The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass It Operations Intelligence
NVD
CVSS 2.0
9.3
EPSS
0.6%
CVE-2012-6045 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in gb/user/index.php in Ramui Forum, possibly 1.0 Beta, allows remote attackers to inject arbitrary web script or HTML via the query parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Ramui Forum
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
2.2%
CVE-2012-6049 MEDIUM This Month

Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via (1) a long string or (2) invalid characters in a cookie, which reveals the installation path in an error. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Quick Cart
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2012-4611 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Rsa Adaptive Authentication On Premise
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-4615 LOW Monitor

EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure It Operations Intelligence
NVD
CVSS 2.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy