Skip to main content
CVE-2013-2250 CRITICAL PATCH Act Now

Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Ofbiz
NVD
CVSS 2.0
10.0
EPSS
5.9%
CVE-2013-1942 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Jplayer Owncloud Owncloud Server
NVD Exploit-DB GitHub
CVSS 2.0
4.3
EPSS
8.8%
CVE-2013-2132 MEDIUM POC PATCH This Month

bson/_cbsonmodule.c in the mongo-python-driver (aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Python Denial Of Service MongoDB Ubuntu Linux Opensuse
NVD GitHub
CVSS 2.0
4.3
EPSS
2.2%
CVE-2013-2137 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Apache XSS Ofbiz
NVD
CVSS 2.0
4.3
EPSS
3.4%
CVE-2013-5300 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Open Source Security Information Management
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-2023 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Jplayer
NVD GitHub
CVSS 2.0
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy