Skip to main content
CVE-2018-10371 MEDIUM POC This Month

An issue was discovered in the wunderfarm WF Cookie Consent plugin 1.1.3 for WordPress. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wf Cookie Consent
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
6.4%
CVE-2018-10259 MEDIUM POC This Month

An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hrsale
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
1.6%
CVE-2018-10365 MEDIUM POC This Month

An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Threads To Link
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
1.6%
CVE-2018-10581 MEDIUM POC This Month

In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Octopus Deploy
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-6242 MEDIUM This Month

Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Nvidia Buffer Overflow Tegra Bootrom Rcm
NVD
CVSS 3.0
6.8
EPSS
2.7%
CVE-2018-1502 MEDIUM PATCH This Month

IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Manager
NVD
CVSS 3.0
5.4
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy