Skip to main content
CVE-2017-6590 MEDIUM POC PATCH This Month

An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. Rated medium severity (CVSS 6.3). Public exploit code available.

Ubuntu Mozilla Authentication Bypass Ubuntu Linux
NVD
CVSS 3.0
6.3
EPSS
0.1%
CVE-2017-6547 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rt Ac53 Firmware
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.0%
CVE-2017-6562 MEDIUM POC This Month

XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Agora Project
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6561 MEDIUM POC This Month

XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Agora Project
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6560 MEDIUM POC This Month

XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Agora Project
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6591 MEDIUM POC This Month

There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Python Django Epiceditor
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6589 MEDIUM POC This Month

EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Epiceditor
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-6559 MEDIUM POC This Month

XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif[]=[XSS] attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Agora Project
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-6556 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cms Made Simple
NVD
CVSS 3.0
5.4
EPSS
0.1%
CVE-2017-6555 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cms Made Simple
NVD
CVSS 3.0
5.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy