Skip to main content
CVE-2013-5694 HIGH POC This Week

SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the service_selection parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Opsview
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.9%
CVE-2013-6172 HIGH PATCH This Week

steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi RCE Webmail
NVD
CVSS 2.0
7.5
EPSS
1.1%
CVE-2013-4438 HIGH PATCH This Week

Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Salt
NVD
CVSS 2.0
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy