Skip to main content
CVE-2013-1668 HIGH POC This Week

The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Command Injection PHP Coscms
NVD Exploit-DB GitHub
CVSS 2.0
8.5
EPSS
9.1%
CVE-2013-2757 HIGH PATCH This Week

Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Citrix Privilege Escalation Cloudplatform
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2014-3450 HIGH This Week

Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Panda Av Pro 2014 Panda Global Protection 2014 Panda Gold Protection Panda Internet Security 2014 +1
NVD
CVSS 2.0
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy