Skip to main content
CVE-2014-2340 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF WordPress PHP Xcloner
NVD Exploit-DB VulDB
CVSS 2.0
6.8
EPSS
1.4%
CVE-2014-0466 MEDIUM This Month

The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure A2Ps
NVD VulDB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-0093 MEDIUM This Month

Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat Privilege Escalation Java Jboss Enterprise Application Platform
NVD VulDB
CVSS 2.0
5.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy