Skip to main content
CVE-2013-1120 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Cisco Unity Express Software Unity Express
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2012-2294 MEDIUM This Month

EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to conduct clickjacking attacks via a crafted web page. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Rsa Archer Smartsuite Rsa Archer Egrc
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2012-2293 MEDIUM This Month

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Rsa Archer Smartsuite Rsa Archer Egrc
NVD
CVSS 2.0
6.5
EPSS
1.3%
CVE-2012-3279 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Network Node Manager I
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-5186 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in FLUGELz netmania myu-s and PHP WeblogSystem allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Myu S Php Weblog System Mania
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5187 MEDIUM This Month

The Weathernews Touch application 2.3.2 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Google Weathernews Touch
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-1064 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Rsa Archer Smartsuite Rsa Archer Egrc
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-1107 MEDIUM This Month

The search function in Cisco Webex Social (formerly Cisco Quad) allows remote authenticated users to read files via unspecified parameters, aka Bug ID CSCud40235. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Webex Social
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy