Skip to main content
CVE-2013-1428 MEDIUM POC THREAT This Month

Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 65.5%.

Buffer Overflow Denial Of Service RCE Tinc
NVD GitHub Exploit-DB
CVSS 2.0
6.5
EPSS
65.5%
Threat
4.8
CVE-2013-3238 MEDIUM POC THREAT This Month

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 64.6%.

RCE Phpmyadmin
NVD Exploit-DB GitHub
CVSS 2.0
6.0
EPSS
64.6%
Threat
4.6
CVE-2013-3240 MEDIUM POC This Month

Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Phpmyadmin
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
4.1%
CVE-2013-3239 MEDIUM POC PATCH THREAT This Month

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.3%.

PHP Code Injection Apache RCE Phpmyadmin
NVD GitHub Exploit-DB
CVSS 2.0
4.6
EPSS
12.3%
CVE-2013-3241 MEDIUM POC This Month

export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Code Injection Phpmyadmin
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
3.4%
CVE-2013-0727 MEDIUM This Month

Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory,. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Global Mapper
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-2709 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin before 1.3 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF WordPress XSS Foursquare Checkins
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-2307 MEDIUM This Month

The Yahoo!. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Google Yahoo Browser
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-2306 MEDIUM This Month

The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Google Microsoft Jigbrowser
NVD
CVSS 2.0
5.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy