Skip to main content
CVE-2014-1609 HIGH POC PATCH This Week

Multiple SQL injection vulnerabilities in MantisBT before 1.2.16 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to the (1) mc_project_get_attachments function in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Debian Linux Mantisbt
NVD GitHub VulDB
CVSS 2.0
7.5
EPSS
0.6%
CVE-2013-3249 CRITICAL Act Now

Stack-based buffer overflow in the "Add from text file" feature in the DameWare Exporter tool (DWExporter.exe) in DameWare Remote Support 10.0.0.372, 9.0.1.247, and earlier allows user-assisted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Memory Corruption Buffer Overflow RCE Dameware Remote Support
NVD VulDB
CVSS 2.0
9.3
EPSS
2.9%
CVE-2014-2219 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in whizzywig/wb.php in CMSimple Classic 3.54 and earlier, possibly as downloaded before February 26, 2014, allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Cmsimple Classic
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-1970 MEDIUM This Month

Directory traversal vulnerability in the ES File Explorer File Manager application before 3.0.4 for Android allows remote attackers to overwrite or create arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Google Es File Explorer
NVD VulDB
CVSS 2.0
5.8
EPSS
0.3%
CVE-2014-1904 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Java Spring Framework
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
1.8%
CVE-2013-0805 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Itop
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2280 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the search feature in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Seeddms
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-1971 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Silex before 2.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Silex
NVD GitHub VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2077 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 7.4.1 before 7.4.1-rev10 and 7.4.2 before 7.4.2-rev8 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Open Xchange Appsuite
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy