Skip to main content
CVE-2013-1839 HIGH Act Now

The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 41.9% and no vendor patch available.

Denial Of Service Squid
NVD
CVSS 2.0
7.8
EPSS
41.9%
CVE-2013-5692 HIGH POC This Week

Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Path Traversal X2Crm
NVD Exploit-DB
CVSS 2.0
8.5
EPSS
9.3%
CVE-2013-5697 HIGH POC This Week

SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Apache Mod Accounting
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.0%
CVE-2013-4362 HIGH POC PATCH This Week

WEB-DAV Linux File System (davfs2) 1.4.6 and 1.4.7 allow local users to gain privileges via unknown attack vectors in (1) kernel_interface.c and (2) mount_davfs.c, related to the "system" function. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Davfs2
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy