Skip to main content
CVE-2015-0016 HIGH POC KEV PATCH THREAT Act Now

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Path Traversal Microsoft
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
92.1%
Threat
7.3
CVE-2014-100005 HIGH POC KEV PATCH THREAT Act Now

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

PHP D-Link CSRF
NVD VulDB
CVSS 3.1
8.0
EPSS
40.8%
Threat
5.8
CVE-2014-10021 HIGH POC THREAT Act Now

Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 78.5%.

RCE WordPress PHP File Upload Wp Symposium
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
78.5%
Threat
5.4
CVE-2014-100015 MEDIUM POC THREAT This Month

Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.3%.

Path Traversal File Upload Product Data Management
NVD Exploit-DB
CVSS 2.0
6.4
EPSS
77.3%
Threat
5.1
CVE-2015-0014 CRITICAL Emergency

Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 80.8% and no vendor patch available.

RCE Buffer Overflow Microsoft Windows 7 Windows 8 +5
NVD
CVSS 2.0
10.0
EPSS
80.8%
Threat
4.4
CVE-2014-100002 MEDIUM POC THREAT This Month

Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 78.9%.

Path Traversal Zoho Manageengine Supportcenter Plus
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
78.9%
Threat
4.9
CVE-2014-10037 HIGH POC THREAT Act Now

Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 65.4%.

Path Traversal PHP Domphp
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
65.4%
Threat
5.0
CVE-2015-0002 HIGH POC THREAT Act Now

The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 38.2%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
38.2%
Threat
4.1
CVE-2014-10031 HIGH POC THREAT Act Now

Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 39.4%.

Qualcomm Buffer Overflow RCE Eudora Worldmail
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
39.4%
Threat
4.2
CVE-2015-0004 HIGH POC THREAT Act Now

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
24.1%
CVE-2014-10011 HIGH POC THREAT Act Now

Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Control (UltraCamX.ocx) for the TRENDnet SecurView camera TV-IP422WN allows remote attackers to execute arbitrary code via a long. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 20.8%.

RCE Buffer Overflow Tv Ip422W Tv Ip422Wn
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
20.8%
CVE-2015-0015 HIGH Act Now

Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 38.9% and no vendor patch available.

Denial Of Service Microsoft Windows Server 2003 Windows Server 2008 Windows Server 2012
NVD
CVSS 2.0
7.8
EPSS
38.9%
CVE-2014-100014 HIGH POC THREAT Act Now

Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks Workgroup PDM 2014 SP2 allow remote attackers to execute arbitrary code via a long string in a (1) 2001, (2) 2002, or (3) 2003. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.1%.

RCE Buffer Overflow Product Data Management
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
10.1%
CVE-2014-10029 HIGH POC This Week

SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fluxbb
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
4.3%
CVE-2014-10023 HIGH POC This Week

Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Topicsviewer
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
4.1%
CVE-2015-0306 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.3%.

RCE Denial Of Service Google Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
11.3%
CVE-2015-0303 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.3%.

RCE Denial Of Service Google Buffer Overflow Microsoft +5
NVD
CVSS 2.0
10.0
EPSS
11.3%
CVE-2014-10024 HIGH POC This Week

Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Directshowdemuxfilter Player Web Player
NVD
CVSS 2.0
7.5
EPSS
3.4%
CVE-2015-0304 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Google Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
9.9%
CVE-2015-0309 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Google Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
9.7%
CVE-2014-10015 HIGH POC This Week

SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Event Booking Calendar
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.1%
CVE-2014-100020 HIGH POC This Week

SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Itechclassifieds
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.0%
CVE-2014-10013 HIGH POC This Week

SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Awp Classifieds
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.9%
CVE-2014-100003 HIGH POC This Week

SQL injection vulnerability in includes/ym-download_functions.include.php in the Code Futures YourMembers plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi PHP Yourmembers
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.5%
CVE-2014-100031 HIGH POC This Week

Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ganesha Digital Library
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.2%
CVE-2015-0308 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Google RCE Microsoft Adobe Air +3
NVD
CVSS 2.0
10.0
EPSS
8.7%
CVE-2014-10038 HIGH POC This Week

SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and earlier allows remote attackers to execute arbitrary SQL commands via the ids parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Domphp
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-10020 HIGH POC This Week

SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple E Document
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-100022 HIGH POC PATCH This Week

SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP Mtouch Quiz
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-10017 HIGH POC This Week

Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi PHP E Commerce
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-10004 HIGH POC This Week

SQL injection vulnerability in admin/data_files/move.php in Maian Uploader 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Maian Uploader
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-100011 HIGH POC This Week

SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sendy
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.3%
CVE-2014-100012 HIGH POC This Week

SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sendy
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.2%
CVE-2015-0301 CRITICAL Act Now

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Google Information Disclosure Microsoft Adobe Air Sdk And Compiler +3
NVD
CVSS 2.0
10.0
EPSS
7.4%
CVE-2014-10001 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Appointment Scheduler 2.0 allow remote attackers to hijack the authentication of administrators for requests that (1) conduct. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS CSRF Appointment Scheduler
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
1.1%
CVE-2014-10014 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Event Booking Calendar 2.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS CSRF Event Booking Calendar
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.9%
CVE-2014-10008 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Stark CRM 1.0 allow remote attackers to hijack the authentication of administrators for requests that add (1) an administrator via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Stark Crm
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-10019 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allow remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF T2 B Gawv1 4U10Y Bi
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2014-10027 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dap 1360 Firmware
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2014-10025 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF D-Link Dap 1360 Firmware
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2014-10034 MEDIUM POC This Month

Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Couponphp
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
1.9%
CVE-2014-100025 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP Savsoft Quiz
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-10006 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Maian Uploader 4.0 allow remote attackers to hijack the authentication of unspecified users for requests that conduct cross-site. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS CSRF PHP Maian Uploader
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-10033 MEDIUM POC This Month

SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Merchant
NVD Exploit-DB GitHub
CVSS 2.0
6.5
EPSS
0.9%
CVE-2014-10032 MEDIUM POC This Month

SQL injection vulnerability in news_popup.php in Taboada MacroNews 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Taboada Macronews
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
0.2%
CVE-2014-10010 MEDIUM POC This Month

Directory traversal vulnerability in PHPJabbers Appointment Scheduler 2.0 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Appointment Scheduler
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
7.2%
CVE-2014-100029 MEDIUM POC This Month

Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Ganesha Digital Library
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
7.2%
CVE-2014-10035 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the (1) sEcho parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Couponphp
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
9.8%
CVE-2015-0305 CRITICAL Act Now

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Google RCE Microsoft Adobe Air Sdk And Compiler +3
NVD
CVSS 2.0
9.3
EPSS
2.8%
CVE-2014-10030 MEDIUM POC This Month

Open redirect vulnerability in forums/login.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Open Redirect Fluxbb
NVD
CVSS 2.0
5.8
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy