Skip to main content
CVE-2013-6166 MEDIUM POC This Month

Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Google Chrome
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2013-6167 MEDIUM POC This Month

Mozilla Firefox through 27 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Mozilla Firefox
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.4%
CVE-2012-1171 MEDIUM This Month

The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure
NVD GitHub
CVSS 2.0
5.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy