Skip to main content
CVE-2015-1422 MEDIUM POC THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) horder[], (2) jak_catid, (3) jak_content, (4). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 17.1%.

XSS PHP Gecko Cms
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
17.1%
CVE-2015-1424 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP Gecko Cms
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2015-1423 MEDIUM POC This Month

Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gecko Cms
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
0.9%
CVE-2014-8370 MEDIUM PATCH This Month

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Privilege Escalation VMware Player Fusion +2
NVD
CVSS 2.0
6.4
EPSS
1.2%
CVE-2014-8894 MEDIUM PATCH This Month

Open redirect vulnerability in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote authenticated users to redirect users to arbitrary web sites and. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

IBM Open Redirect Tririga Application Platform
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2014-8895 MEDIUM PATCH This Month

IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

IBM Privilege Escalation Tririga Application Platform
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-0236 LOW PATCH Monitor

libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Mageia Libvirt Ubuntu Linux Enterprise Linux Desktop +3
NVD
CVSS 2.0
3.5
EPSS
0.7%
CVE-2014-8893 LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tririga Application Platform
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-1044 LOW PATCH Monitor

vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service VMware Workstation ESXi Player
NVD
CVSS 2.0
3.3
EPSS
0.3%
CVE-2015-1043 LOW PATCH Monitor

The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service VMware Fusion Workstation Player
NVD
CVSS 2.0
3.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy