Skip to main content
CVE-2018-8737 MEDIUM POC This Month

Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Bookme
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-8741 HIGH PATCH This Week

A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Squirrelmail Debian Linux
NVD GitHub
CVSS 3.0
8.8
EPSS
4.5%
CVE-2018-8740 HIGH PATCH This Week

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Sqlite Debian Linux
NVD
CVSS 3.0
7.5
EPSS
8.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy