Skip to main content
CVE-2013-1748 HIGH POC This Week

Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Php Address Book
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-4715 CRITICAL Act Now

Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Rockwell RCE Rslinx Enterprise
NVD
CVSS 2.0
10.0
EPSS
0.3%
CVE-2013-1749 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in edit.php in PHP Address Book 8.2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via the Address field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Php Address Book
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-0139 HIGH This Week

The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Vision Av1355Dn Megadome Camera
NVD
CVSS 2.0
7.8
EPSS
1.0%
CVE-2012-4714 HIGH This Week

Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Factorytalk Services Platform
NVD
CVSS 2.0
7.8
EPSS
0.0%
CVE-2012-4713 HIGH This Week

Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Factorytalk Services Platform
NVD
CVSS 2.0
7.8
EPSS
0.0%
CVE-2013-1177 HIGH This Week

SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Cisco Network Admission Control Manager And Server System Software
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-0133 HIGH This Week

Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Parallels Plesk Panel
NVD
CVSS 2.0
7.2
EPSS
0.2%
CVE-2013-1176 HIGH This Week

The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Telepresence Mcu 4500 Series Software Telepresence Mcu 4505 Telepresence Mcu 4510 +9
NVD
CVSS 2.0
7.1
EPSS
0.4%
CVE-2012-4695 HIGH This Week

LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Rockwell Rslinx Enterprise
NVD
CVSS 2.0
7.1
EPSS
0.0%
CVE-2013-0132 MEDIUM This Month

The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

PHP Code Injection RCE Parallels Plesk Panel
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2013-0687 MEDIUM This Month

The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and. Rated medium severity (CVSS 6.6). No vendor patch available.

Privilege Escalation Schneider Electric Micom S1 Studio
NVD
CVSS 2.0
6.6
EPSS
0.0%
CVE-2013-1194 MEDIUM This Month

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Adaptive Security Appliance Software Adaptive Security Appliance
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-1199 MEDIUM This Month

Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Cisco Adaptive Security Appliance Clientless Ssl Vpn Adaptive Security Appliance Software +1
NVD
CVSS 2.0
4.9
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy