Skip to main content
CVE-2013-6883 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Ditto Forensic Fieldstation Firmware Ditto Forensic Fieldstation
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
3.8%
CVE-2013-6882 MEDIUM POC THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow (1) remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 11.3%.

XSS Ditto Forensic Fieldstation Firmware Ditto Forensic Fieldstation
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
11.3%
CVE-2013-6038 MEDIUM This Month

Stack-based buffer overflow in Trimble SketchUp Viewer 13.0.4124 allows remote attackers to execute arbitrary code via a crafted .SKP file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Sketchup Viewer
NVD
CVSS 2.0
6.8
EPSS
8.1%
CVE-2013-7129 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in ThemeBeans Blooog theme 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the jQuery parameter to assets/js/jplayer.swf. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

WordPress XSS Blooog Theme
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-6192 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF HP Operations Orchestration
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-6966 MEDIUM This Month

Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36031. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect Cisco Webex Training Center
NVD
CVSS 2.0
5.8
EPSS
0.5%
CVE-2013-6193 MEDIUM This Month

Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet Pro 100, 300, 400, CM1415fnw, CP1*, M121*, M1536dnf, and P1*; Color LaserJet CM* and CP*; and TopShot LaserJet Pro M275 printers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Color Laserjet Cm1312Nfi Multifunction Printer Color Laserjet Cm2320N Multifunction Printer Color Laserjet Cp1515 +22
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2013-2816 MEDIUM This Month

The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows physically proximate attackers to cause a denial of service (reboot or link outage) via crafted input over a serial line. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Smp 16 Gateway Data Concentrator Smp 4 Dp Gateway Data Concentrator Smp 4 Gateway Data Concentrator
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2013-6191 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Operations Orchestration
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-6733 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Web Application in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Sametime
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-6327 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Sterling Connect Enterprise Http Option
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy