Skip to main content
CVE-2018-11351 MEDIUM POC This Month

script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Jirafeau
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-11350 MEDIUM POC This Month

An issue was discovered in Jirafeau before 3.4.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jirafeau
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-13419 MEDIUM This Month

An issue has been found in libsndfile 1.0.28. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libsndfile
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-13423 MEDIUM PATCH This Month

admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Omeka
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-13422 MEDIUM This Month

TCExam before 14.1.2 has XSS via an ff_ or xl_ field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Tcexam
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy