Skip to main content
CVE-2015-6944 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Jsp Mysql Administrador Web
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-6943 MEDIUM POC PATCH This Month

SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled,. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available.

PHP SQLi Serendipity
NVD
CVSS 2.0
6.0
EPSS
0.3%
CVE-2015-6945 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Jsp Mysql Administrador Web
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.5%
CVE-2015-6948 MEDIUM This Month

Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Microsoft Wordperfect
NVD
CVSS 2.0
6.8
EPSS
3.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy