Skip to main content
CVE-2014-0980 CRITICAL POC THREAT Emergency

Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 81.6%.

Buffer Overflow RCE Publish It
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
81.6%
Threat
5.8
CVE-2013-1980 MEDIUM POC This Month

Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Extended Module Player
NVD
CVSS 2.0
6.8
EPSS
4.9%
CVE-2013-3294 HIGH POC This Week

Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Exponent Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.6%
CVE-2014-1401 MEDIUM POC This Month

Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Auracms
NVD Exploit-DB GitHub
CVSS 2.0
6.5
EPSS
2.3%
CVE-2014-1459 MEDIUM POC This Month

SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi CSRF Doorgets Cms
NVD Exploit-DB GitHub
CVSS 2.0
6.5
EPSS
1.2%
CVE-2013-2639 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and earlier allows remote attackers to inject arbitrary web script or HTML via the description in a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Cloud Storage Os
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.8%
CVE-2013-5012 MEDIUM This Month

Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote authenticated users to execute arbitrary SQL commands via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Web Gateway
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2014-1237 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in synetics i-doit pro before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the call parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS I Doit
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-5013 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Web Gateway
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-1413 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS I Doit
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3933 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the JoomShopping (com_joomshopping) component before 4.3.1 for Joomla!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Joomshopping
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy