Skip to main content
CVE-2014-8682 HIGH POC PATCH THREAT Act Now

Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 76.9%.

SQLi Gogs
NVD Exploit-DB GitHub
CVSS 2.0
7.5
EPSS
76.9%
Threat
5.3
CVE-2014-8681 HIGH POC PATCH This Week

SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Gogs
NVD Exploit-DB GitHub
CVSS 2.0
7.5
EPSS
5.2%
CVE-2014-8388 HIGH This Week

Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Webaccess
NVD
CVSS 2.0
7.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy