Skip to main content
CVE-2013-6227 HIGH POC PATCH THREAT Act Now

Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 19.4%.

Zoho RCE PHP File Upload Ajaxplorer +1
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
19.4%
CVE-2013-6041 HIGH POC This Week

index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in a SOFTCookies sid cookie within a login action. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Webuzo
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
7.5%
CVE-2014-8514 HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
3.6%
CVE-2014-8513 HIGH PATCH This Week

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2014-8512 HIGH PATCH This Week

Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Schneider Electric Buffer Overflow RCE Proclima
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2013-4793 HIGH This Week

The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Umbraco Cms
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-0748 HIGH This Week

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cray Linux Environment
NVD
CVSS 2.0
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy