Skip to main content
CVE-2015-1054 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the Game Content field in Add Game. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Crea8Social
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
1.9%
CVE-2014-9478 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in the preview in the ExpandTemplates extension for MediaWiki, when $wgRawHTML is set to true, allows remote attackers to inject arbitrary web script or HTML. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Mediawiki
NVD
CVSS 2.0
2.6
EPSS
0.3%
CVE-2014-9496 LOW POC PATCH Monitor

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Libsndfile Opensuse Debian Linux Ubuntu Linux +1
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-9475 LOW Monitor

Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.19.23, 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before 1.24.1 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Mediawiki
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy