Skip to main content
CVE-2014-9573 MEDIUM POC This Month

SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP SQLi Mantisbt
NVD GitHub
CVSS 2.0
6.0
EPSS
0.4%
CVE-2014-8157 HIGH This Week

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Opensuse Debian Linux +2
NVD
CVSS 2.0
7.5
EPSS
5.8%
CVE-2014-9571 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Mantisbt
NVD GitHub
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-1178 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in cart.php in X-Cart 5.1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) product_id or (2) category_id. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP X Cart
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1179 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in data_point_details.shtm in Mango Automation 2.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dpid,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Mango Automation
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-8158 MEDIUM This Month

Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service RCE Buffer Overflow Jasper Debian Linux +2
NVD
CVSS 2.0
6.8
EPSS
6.2%
CVE-2014-9572 HIGH This Week

MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Mantisbt
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2014-8148 HIGH This Week

The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Opensuse Midgard2
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-1308 MEDIUM This Month

kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Plasma Workspace Kde Workspace
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-1307 MEDIUM This Month

plasma-workspace before 5.1.95 allows remote attackers to obtain passwords via a Trojan horse Look and Feel package. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Plasma Workspace
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy