Skip to main content
CVE-2013-2287 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) notify or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Uploader
NVD Exploit-DB VulDB
CVSS 2.0
4.3
EPSS
9.2%
CVE-2014-2115 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Emergency Responder
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4920 MEDIUM PATCH This Month

Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal WordPress PHP Forums
NVD VulDB
CVSS 2.0
5.0
EPSS
1.1%
CVE-2014-0789 MEDIUM This Month

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Heap Overflow Denial Of Service Schneider Electric Buffer Overflow Opc Factory Server Tlxcdlfofs +4
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2014-2143 MEDIUM This Month

The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS Ios Xe
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-2117 MEDIUM This Month

Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Open Redirect Emergency Responder
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2116 MEDIUM This Month

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Code Injection Emergency Responder
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-2114 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Emergency Responder
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-0638 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Rsa Adaptive Authentication On Premise
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0637 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Rsa Adaptive Authentication On Premise
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy