Skip to main content
CVE-2014-4648 CRITICAL Act Now

Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure.". Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Piwigo
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2014-2612 MEDIUM POC This Month

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

HP Information Disclosure Microsoft Release Control
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
9.1%
CVE-2014-2613 CRITICAL Act Now

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Microsoft Release Control
NVD
CVSS 2.0
9.0
EPSS
0.2%
CVE-2014-4669 LOW POC Monitor

HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

HP XXE Information Disclosure Enterprise Maps
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2014-3881 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Web Kyukincho
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-6311 MEDIUM This Month

SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM SQLi Marketing Platform
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2014-4649 MEDIUM This Month

SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[]. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Piwigo
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2013-6309 MEDIUM This Month

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

IBM RCE Code Injection Marketing Platform
NVD
CVSS 2.0
6.0
EPSS
0.4%
CVE-2014-0891 MEDIUM PATCH This Month

IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Websphere Application Server
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-6308 MEDIUM This Month

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

IBM Code Injection Marketing Platform
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-2006 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Web Kyukincho
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-6310 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Marketing Platform
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy