Skip to main content
CVE-2018-7198 MEDIUM POC PATCH This Month

October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS October
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
2.4%
CVE-2018-7197 MEDIUM POC This Month

An issue was discovered in Pluck through 4.7.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Pluck
NVD GitHub
CVSS 3.0
6.1
EPSS
1.4%
CVE-2018-7212 MEDIUM PATCH This Month

An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Path Traversal Sinatra
NVD GitHub
CVSS 3.0
5.3
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy