Skip to main content
CVE-2013-3383 CRITICAL Act Now

The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550 allows remote authenticated users to execute arbitrary. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Cisco RCE Ironport Asyncos
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2013-3384 CRITICAL Act Now

The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550; Email Security Appliance devices before 7.1.5-104, 7.3. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Cisco RCE Ironport Asyncos
NVD
CVSS 2.0
9.0
EPSS
0.5%
CVE-2013-3385 HIGH This Week

The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-602; Email Security Appliance devices. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ironport Asyncos
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2013-3386 HIGH This Week

The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ironport Asyncos
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-4720 HIGH PATCH This Week

SQL injection vulnerability in the WEC Discussion Forum extension before 2.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Wec Discussion
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-4721 HIGH This Week

SQL injection vulnerability in the RSS feed from records extension 1.0.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Push2Rss 3Ds
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-4719 HIGH This Week

SQL injection vulnerability in the SEO Pack for tt_news extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Seo Pack For Tt News
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2012-6577 MEDIUM PATCH This Month

SQL injection vulnerability in the Formhandler extension before 1.4.1 for TYPO3 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

SQLi Formhandler
NVD
CVSS 2.0
6.0
EPSS
0.2%
CVE-2012-6576 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the PRH Search module 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers from certain sources to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Prh Search
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-6575 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Exposed Filter Data module 6.x-1.x before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Exposed Filter Data
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-6574 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Fonecta verify module 7.x-1.x before 7.x-1.6 for Drupal allows remote attackers from certain sources to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Fonecta Verify
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy