Skip to main content
CVE-2013-7193 HIGH POC This Week

Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi C2C Forward Auction Creator
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.0%
CVE-2013-7192 HIGH POC This Week

Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder (QuickWeb) allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/news-events/newdetail.asp,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Dynamic Biz Website Builder Quickweb
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-2627 HIGH POC This Week

SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Leed
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-2821 HIGH This Week

NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Orion5 Dnp Master Orion5 Dnp Slave Orion5R Dnp Master Orion5R Dnp Slave +2
NVD
CVSS 2.0
7.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy