Skip to main content
CVE-2015-2562 HIGH POC THREAT Act Now

Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD (com_ecommercewd) component 1.2.5 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 43.5%.

PHP SQLi Ecommerce Wd
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
43.5%
Threat
4.3
CVE-2015-2564 MEDIUM POC This Month

SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Projectsend
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
4.3%
CVE-2015-1804 HIGH This Week

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Libxfont
NVD
CVSS 2.0
8.5
EPSS
2.3%
CVE-2015-1802 HIGH This Week

The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash). Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service RCE Buffer Overflow Libxfont
NVD
CVSS 2.0
8.5
EPSS
1.8%
CVE-2015-1803 HIGH This Week

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Ubuntu Linux Debian Linux Libxfont
NVD
CVSS 2.0
8.5
EPSS
1.7%
CVE-2015-2563 HIGH This Week

SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 0.9.9 and 1.2.3 allows remote attackers to execute arbitrary SQL commands via the order_by parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Phpvid
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2015-0671 MEDIUM This Month

The DNS implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.2(1) allows remote attackers to cause a denial of service (CPU consumption and network-resource. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Videoscape Delivery System For Internet Streamer
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0668 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Webex Meetings Server
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy