Skip to main content
CVE-2014-3996 HIGH POC THREAT Act Now

SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.2%.

Zoho SQLi It360 Password Manager Pro Desktop Central
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
71.2%
Threat
5.1
CVE-2014-9144 HIGH POC This Week

Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Td5130 Router Firmware
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
8.9%
CVE-2014-8990 HIGH POC PATCH This Week

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Debian Linux Fedora Lsyncd
NVD GitHub
CVSS 2.0
7.5
EPSS
4.3%
CVE-2014-9215 HIGH POC This Week

SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Pbboard
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.4%
CVE-2014-3997 HIGH POC This Week

SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Zoho SQLi Manageengine Password Manager Pro Manageengine It360
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2014-2273 HIGH POC This Week

The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 allows local users to read and write to arbitrary memory locations via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Huawei P2 6011 Firmware
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-7256 HIGH This Week

The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Internet Initiative Japan Inc. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Seil Plus Firmware Seil Plus Seil B1 Firmware Seil X1 Firmware +4
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-7255 HIGH This Week

Internet Initiative Japan Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Seil B1 Firmware Seil X2 Firmware Seil X1 Firmware Seil X86 Fuji Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2014-7253 HIGH This Week

FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phone T-01D for Android allows local users to execute arbitrary commands via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Google Arrows Kiss F 03D Arrows Tab Lte F 01D F 12C +1
NVD
CVSS 2.0
7.2
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy