Skip to main content
CVE-2017-5638 CRITICAL POC KEV PATCH THREAT Act Now

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Apache Information Disclosure
NVD Exploit-DB GitHub
CVSS 3.1
9.8
EPSS
94.3%
Threat
7.8
CVE-2017-6513 CRITICAL PATCH Act Now

The WHMCS Reseller Module V2 2.0.2 in Softaculous Virtualizor before 2.9.1.0 does not verify the user correctly, which allows remote authenticated users to control other virtual machines managed by. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Whmcs Reseller Module
NVD GitHub
CVSS 3.0
9.9
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy