Skip to main content
CVE-2015-3933 CRITICAL POC PATCH Act Now

Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi PHP Genixcms
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
2.4%
CVE-2017-16618 CRITICAL POC PATCH Act Now

An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Information Disclosure Owlmixin
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
CVE-2017-16616 CRITICAL PATCH Act Now

An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI before 0.6.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Pyanyapi
NVD GitHub
CVSS 3.0
9.8
EPSS
1.2%
CVE-2017-16615 CRITICAL PATCH Act Now

An exploitable vulnerability exists in the YAML parsing functionality in the parse_yaml_query method in parser.py in MLAlchemy before 0.2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Mlalchemy
NVD GitHub
CVSS 3.0
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy