Skip to main content
CVE-2013-4626 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

WordPress PHP XSS Backwpup Plugin
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-4092 MEDIUM This Month

The management interface in the Central Software component in Cisco Unified Computing System (UCS) does not properly validate the identity of vCenter consoles, which allows man-in-the-middle. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

VMware Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2012-4079 MEDIUM This Month

The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Computing System
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2012-4088 MEDIUM This Month

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging. Rated medium severity (CVSS 4.3). No vendor patch available.

Cisco Authentication Bypass Unified Computing System
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy