Skip to main content
CVE-2013-4460 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

PHP XSS Mantisbt
NVD GitHub
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-1234 LOW POC Monitor

The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Paratrooper Newrelic New Relic
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2014-1233 LOW POC Monitor

The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Paratrooper Pingdom
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy