Skip to main content
CVE-2014-2921 HIGH POC PATCH This Week

The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE PHP Code Injection Pimcore
NVD GitHub Exploit-DB VulDB
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-2922 MEDIUM POC This Month

The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Code Injection Pimcore
NVD GitHub Exploit-DB VulDB
CVSS 2.0
6.4
EPSS
0.2%
CVE-2013-5459 MEDIUM This Month

Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Rhapsody Design Manager Rational Software Architect Design Manager
NVD VulDB
CVSS 2.0
5.5
EPSS
0.3%
CVE-2014-0932 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.5 before HF105 and Sterling Selling and Fulfillment Foundation 9.0 before HF85 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Sterling Order Management Sterling Selling And Fulfillment Foundation
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-0361 LOW Monitor

The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for. Rated low severity (CVSS 3.0). No vendor patch available.

IBM Information Disclosure 4690 Point Of Sale Operating System
NVD VulDB
CVSS 2.0
3.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy