Skip to main content
CVE-2013-3727 HIGH POC This Week

SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to execute arbitrary SQL commands via the groups[] parameter to admin.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP SQLi Kasseler Cms
NVD Exploit-DB VulDB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2013-3729 MEDIUM POC PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF PHP SQLi Kasseler Cms
NVD Exploit-DB VulDB
CVSS 2.0
6.8
EPSS
2.4%
CVE-2014-2043 MEDIUM POC This Month

SQL injection vulnerability in Resources/System/Templates/Data.aspx in Procentia IntelliPen before 1.1.18.1658 allows remote authenticated users to execute arbitrary SQL commands via the value. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Intellipen
NVD Exploit-DB VulDB
CVSS 2.0
6.5
EPSS
0.4%
CVE-2014-1877 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Dokeos
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3728 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users with permissions to create categories to inject arbitrary web script or HTML via the cat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS PHP Kasseler Cms
NVD Exploit-DB VulDB
CVSS 2.0
3.5
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy