Skip to main content
CVE-2016-6483 HIGH POC PATCH THREAT Act Now

The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x before 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x before. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.3%.

SSRF File Upload Vbulletin
NVD Exploit-DB
CVSS 3.0
8.6
EPSS
16.3%
CVE-2016-1470 HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Cisco Small Business 220 Series Smart Plus Switches
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-6893 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mailman
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-7123 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in the admin web interface in GNU Mailman before 2.1.15 allows remote attackers to hijack the authentication of administrators. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mailman
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-5879 HIGH This Week

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Mq Appliance Firmware
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2016-4853 HIGH This Week

AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Happy Wardrobe
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-1472 HIGH This Week

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Small Business 220 Series Smart Plus Switches
NVD
CVSS 3.0
7.5
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy