Skip to main content
CVE-2014-4162 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote attackers to hijack the authentication of administrators for requests that change. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Zyxel P 660Hw
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.4%
CVE-2014-4163 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF WordPress PHP Featured Comments
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.2%
CVE-2014-4166 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the song history in SHOUTcast DNAS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the mp3 title field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Dnas
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
2.9%
CVE-2014-2003 HIGH This Week

JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Ichitaro Just Online Update
NVD
CVSS 2.0
7.6
EPSS
5.4%
CVE-2014-3994 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Python Djblets Reviewboard
NVD GitHub
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-4165 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Opensuse Ntop
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-3995 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Python Djblets
NVD GitHub
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-4164 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to inject arbitrary web script or HTML via a user signature to SelfService/Prefs.html. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Fireflow
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3428 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Voip Phone Firmware Voip Phone
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2004 MEDIUM This Month

The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 routers 1.00 through 4.50, SEIL/X2 routers 1.00 through 4.50, SEIL/B1 routers 1.00 through 4.50, SEIL/Turbo. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Seil 2Fturbo Firmware Seil Turbo Seil 2Fneu 2Fe Plus Firmware +9
NVD
CVSS 2.0
5.0
EPSS
4.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy