Skip to main content
CVE-2018-10723 CRITICAL POC Act Now

Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Directus
NVD GitHub
CVSS 3.0
9.8
EPSS
1.3%
CVE-2018-10757 CRITICAL POC PATCH Act Now

CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi Authentication Bypass Csp Mysql User Manager
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
5.6%
CVE-2018-10758 MEDIUM POC This Month

The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Yellow
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2018-10753 CRITICAL Act Now

Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Abcm2Ps Debian Linux +1
NVD GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2018-10752 MEDIUM POC This Month

The Tagregator plugin 0.6 for WordPress has stored XSS via the title field in an Add New action. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Tagregator
NVD Exploit-DB
CVSS 3.0
4.8
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy