Skip to main content
CVE-2012-6509 HIGH POC This Week

Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Car Portal
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
4.9%
CVE-2012-6519 HIGH POC This Week

SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter to mod.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Diy Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.8%
CVE-2012-6504 HIGH POC This Week

SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Php Volunteer Management
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.4%
CVE-2012-6520 HIGH POC This Week

Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Wikidforum
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2012-6516 HIGH POC This Week

SQL injection vulnerability in PHP Ticket System Beta 1 allows remote attackers to execute arbitrary SQL commands via the q parameter to index.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Php Ticket System
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.9%
CVE-2012-6507 HIGH POC This Week

Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameters in a login action. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Churchcms
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-6438 HIGH Act Now

The device does not properly validate the data being sent to the buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.4% and no vendor patch available.

Buffer Overflow Rockwell
NVD VulDB
CVSS 3.1
7.5
EPSS
13.4%
CVE-2012-6436 HIGH Act Now

The device does not properly validate the data being sent to the buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.4% and no vendor patch available.

Buffer Overflow Rockwell
NVD VulDB
CVSS 3.1
7.5
EPSS
13.4%
CVE-2012-6442 HIGH Act Now

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.3% and no vendor patch available.

Rockwell Authentication Bypass
NVD VulDB
CVSS 3.1
7.5
EPSS
10.3%
CVE-2012-6435 HIGH This Week

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Rockwell Authentication Bypass
NVD VulDB
CVSS 3.1
7.5
EPSS
7.0%
CVE-2012-6439 HIGH This Week

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that changes the product’s. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Rockwell Authentication Bypass Controllogix Controllers Guardlogix Controllers Micrologix +14
NVD
CVSS 2.0
8.5
EPSS
0.6%
CVE-2013-1103 HIGH This Week

Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +6
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2013-1102 HIGH This Week

The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Wireless Lan Controller Software 2000 Wireless Lan Controller 2100 Wireless Lan Controller +6
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2013-0843 HIGH This Week

content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google Chrome
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2013-0839 HIGH This Week

Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2013-0841 HIGH This Week

Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy