Skip to main content
CVE-2015-4133 HIGH POC PATCH THREAT Act Now

Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 75.2%.

WordPress PHP File Upload Reflex Gallery
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
75.2%
Threat
5.3
CVE-2015-1157 HIGH POC PATCH This Week

CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Apple Denial Of Service Iphone Os Mac Os X Itunes
NVD
CVSS 2.0
7.8
EPSS
8.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy