Skip to main content
CVE-2018-11522 MEDIUM POC This Month

Yosoro 1.0.4 has stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yosoro
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
4.3%
CVE-2018-11564 MEDIUM POC This Month

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Pagekit
NVD Exploit-DB
CVSS 3.0
4.8
EPSS
3.2%
CVE-2018-11680 MEDIUM This Month

An issue was discovered in CmsEasy 6.1_20180508. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cmseasy
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-1002100 MEDIUM PATCH This Month

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Kubernetes
NVD GitHub
CVSS 3.0
5.5
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy