Skip to main content
CVE-2014-8617 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Fortinet Fortimail
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0934 MEDIUM This Month

Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remote authenticated users to execute arbitrary code via ` (backtick) characters in a filename. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection RCE Sharelatex
NVD
CVSS 2.0
6.5
EPSS
1.6%
CVE-2015-2209 MEDIUM This Month

DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Dlguard
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0656 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Network Analysis Module Firmware
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy