Skip to main content
CVE-2016-9681 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before 2.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a category or directory name. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Serendipity
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-10041 HIGH This Week

An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Sprecon E Service Program
NVD
CVSS 3.0
7.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy