Skip to main content
CVE-2013-6936 HIGH POC This Week

Multiple SQL injection vulnerabilities in ajaxfs.php in the Ajax forum stat (Ajaxfs) Plugin 2.0 for MyBB (aka MyBulletinBoard) allow remote attackers to execute arbitrary SQL commands via the (1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ajax Forum Stat
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.1%
CVE-2013-3519 HIGH This Week

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows. Rated high severity (CVSS 7.9). No vendor patch available.

Privilege Escalation VMware Microsoft ESXi Workstation +3
NVD
CVSS 2.0
7.9
EPSS
0.2%
CVE-2013-6945 HIGH PATCH This Week

The M2M Broker in OSEHRA VistA, as distributed before September 30, 2013, allows attackers to bypass authentication and authorization to perform doctor-only actions and read or modify patient records. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Vista
NVD
CVSS 2.0
7.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy