Skip to main content
CVE-2018-13115 MEDIUM POC This Month

Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ypc99 Firmware
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-18579 MEDIUM POC This Month

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dedecms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-18578 MEDIUM POC This Month

DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dedecms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-15703 MEDIUM POC This Month

Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflected cross site scripting vulnerabilities. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webaccess
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-18553 MEDIUM POC This Month

Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Leanote
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12246 MEDIUM This Month

Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Web Isolation
NVD
CVSS 3.0
6.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy