Skip to main content
CVE-2018-13030 HIGH POC This Week

An issue was discovered in jpeg-compressor 0.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Jpeg Compressor
NVD GitHub
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-7475 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mail Server
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2018-13026 CRITICAL Act Now

An issue was discovered in gpmf-parser 1.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Gpmf Parser
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-12990 MEDIUM POC This Month

phpwcms 1.8.9 allows remote attackers to discover the installation path via an invalid csrf_token_value field. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Phpwcms
NVD
CVSS 3.0
5.3
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy