Skip to main content
CVE-2015-7682 MEDIUM POC This Month

Multiple SQL injection vulnerabilities in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allow remote administrators to execute arbitrary SQL commands via the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi PHP Pie Register
NVD GitHub
CVSS 2.0
6.5
EPSS
0.4%
CVE-2015-7377 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Pie Register
NVD GitHub
CVSS 2.0
4.3
EPSS
5.8%
CVE-2015-7683 MEDIUM POC PATCH This Month

Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal WordPress PHP Font
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2015-4948 MEDIUM This Month

netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. Rated medium severity (CVSS 6.9). No vendor patch available.

IBM Privilege Escalation Vios Aix
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-5660 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF PHP Extplorer
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-1806 MEDIUM PATCH This Month

The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Jenkins RCE Privilege Escalation Openshift
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2014-6449 MEDIUM This Month

Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-6334 MEDIUM This Month

Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Asr 5000 Software
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-1810 MEDIUM PATCH This Month

The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable.

Jenkins Privilege Escalation Openshift
NVD
CVSS 2.0
4.6
EPSS
0.4%
CVE-2015-6333 MEDIUM This Month

Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Application Policy Infrastructure Controller
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2015-1813 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Jenkins Openshift
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-1812 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Jenkins Openshift
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy