Skip to main content
CVE-2014-0619 MEDIUM POC This Month

Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

RCE Hamster Free Zip Archiver
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2014-7281 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Tenda A32 Firmware A32
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-8073 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in OpenMRS 2.1 Standalone Edition allows remote attackers to hijack the authentication of administrators for requests that add a new user via a Save. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Openmrs
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-7292 MEDIUM POC This Month

Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 (2.1.8102.813), 2.2 (2.2.8279.16125), and 2.3 (2.3.9074.18820) allows remote attackers to redirect users to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Open Redirect Dasblog
NVD
CVSS 2.0
5.8
EPSS
0.5%
CVE-2014-2230 MEDIUM POC This Month

Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Open Redirect Openx
NVD
CVSS 2.0
5.8
EPSS
0.4%
CVE-2014-8071 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Openmrs
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-8072 MEDIUM POC This Month

The administration module in OpenMRS 2.1 Standalone Edition allows remote authenticated users to obtain read access via a direct request to /admin. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Openmrs
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-4766 MEDIUM This Month

IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote attackers to obtain sensitive information by reading an exported Record and Playback (RAP) file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Classic Meeting Server
NVD
CVSS 2.0
5.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy