Skip to main content
CVE-2013-3651 HIGH This Week

LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SC_CheckError.php and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Code Injection RCE Ec Cube
NVD
CVSS 2.0
7.5
EPSS
8.9%
CVE-2013-4734 HIGH This Week

dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
7.3
EPSS
2.6%
CVE-2013-4733 HIGH This Week

The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD VulDB
CVSS 3.1
7.5
EPSS
1.5%
CVE-2013-2342 HIGH This Week

The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for the HPSupport account, which allows remote attackers to obtain administrative access and delete. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. No vendor patch available.

HP Authentication Bypass Storeonce D2D
NVD
CVSS 2.0
7.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy