Skip to main content
CVE-2018-14012 CRITICAL POC Act Now

WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Wolfsight Cms
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-14009 CRITICAL POC THREAT Act Now

Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Codiad
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
38.4%
CVE-2018-12463 CRITICAL POC THREAT Act Now

An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE SSRF Fortify Software Security Center
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
13.8%
CVE-2018-13996 CRITICAL POC Act Now

Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Genann
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy