Skip to main content
CVE-2013-5317 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in RiteCMS 1.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the mode parameter to cms/index.php. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Ritecms
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
0.4%
CVE-2013-4956 LOW Monitor

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2012-6582 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Spambot module 6.x-3.x before 6.x-3.2 and 7.x-1.x before 7.x-1.1 for Drupal allows certain remote attackers to inject arbitrary web script or HTML via. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable.

XSS Spambot
NVD
CVSS 2.0
2.6
EPSS
0.5%
CVE-2013-4959 LOW Monitor

Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Puppet Enterprise
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy