Skip to main content
CVE-2013-7186 CRITICAL POC THREAT Emergency

Buffer overflow in Steinberg MyMp3PRO 5.0 (Build 5.1.0.21) allows remote attackers to execute arbitrary code via a long string in a .m3u file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 33.7%.

Buffer Overflow RCE Mymp3Pro
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
33.7%
Threat
4.4
CVE-2013-7187 HIGH POC This Week

SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi PHP Formcraft
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.1%
CVE-2013-7189 HIGH POC This Week

Multiple SQL injection vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to execute arbitrary SQL commands via the cmbdomain parameter to (1) checktransferstatus.php, (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Autohoster
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2013-7190 MEDIUM POC THREAT This Month

Multiple directory traversal vulnerabilities in iScripts AutoHoster, possibly 2.4, allow remote attackers to read arbitrary files via the (1) tmpid parameter to websitebuilder/showtemplateimage.php,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.

PHP Path Traversal Autohoster
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
11.6%
CVE-2013-6767 HIGH POC This Week

Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users to execute arbitrary code or cause a denial of service (process crash) via a long *.text value in a PE. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Antivirus Pro
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.3%
CVE-2013-7188 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in KBKP Software HostBill before 2013-12-14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Hostbill
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-4576 LOW PATCH Monitor

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Gnupg
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy