Skip to main content
CVE-2015-2824 HIGH POC PATCH THREAT Act Now

Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.8%.

WordPress SQLi PHP Simple Ads Manager
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
11.8%
CVE-2015-0179 HIGH POC PATCH This Week

Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows local users to obtain the System privilege via unspecified vectors, aka SPR TCHL9SST8V. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

IBM Privilege Escalation Domino
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.7%
CVE-2015-0119 HIGH PATCH This Week

FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1.11.1 allows remote attackers to execute arbitrary code by connecting to the Mount port. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

IBM RCE Authentication Bypass Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.5
EPSS
1.8%
CVE-2015-0877 HIGH This Week

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a \0 character in its name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload C Board Moyuku
NVD
CVSS 2.0
7.5
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy