Skip to main content
CVE-2013-5036 HIGH POC PATCH THREAT Act Now

The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.5%.

RCE Code Injection Square Squash
NVD Exploit-DB GitHub
CVSS 2.0
7.5
EPSS
80.5%
Threat
5.4
CVE-2014-3871 HIGH POC This Week

Multiple SQL injection vulnerabilities in register.php in Geodesic Solutions GeoCore MAX 7.3.3 (formerly GeoClassifieds and GeoAuctions) allow remote attackers to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Geocore Max
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.9%
CVE-2014-3872 HIGH POC This Week

Multiple SQL injection vulnerabilities in the administration login page in D-Link DAP-1350 (Rev. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi D-Link Dap 1350 Firmware Dap 1350
NVD
CVSS 2.0
7.5
EPSS
0.2%
CVE-2013-0724 HIGH This Week

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before 1.8 allows remote attackers to execute arbitrary PHP code via a URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE WordPress PHP Code Injection Wp Ecommerce Shop Styling
NVD
CVSS 2.0
7.5
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy