Skip to main content
CVE-2015-6004 MEDIUM POC THREAT This Month

Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.5%.

SQLi Whatsup Gold
NVD
CVSS 3.0
6.5
EPSS
11.5%
CVE-2015-6005 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Whatsup Gold
NVD
CVSS 3.0
6.9
EPSS
0.2%
CVE-2015-8252 MEDIUM POC This Month

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Frontel Protocol
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2015-8254 MEDIUM POC This Month

The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Frontel Protocol
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2015-8262 MEDIUM This Month

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Airstation Extreme N600 Firmware Airstation Extreme N600
NVD
CVSS 3.0
6.8
EPSS
0.6%
CVE-2015-7783 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Let's PHP!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Pbbs
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-7665 MEDIUM This Month

Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tails
NVD
CVSS 3.0
5.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy