Skip to main content
CVE-2019-8418 HIGH POC This Week

SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Seacms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.3%
CVE-2019-8412 HIGH POC This Week

FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Microsoft Feifeicms
NVD GitHub
CVSS 3.0
8.8
EPSS
2.9%
CVE-2019-8382 HIGH POC This Week

An issue was discovered in Bento4 1.5.1-628. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bento4
NVD GitHub
CVSS 3.0
8.8
EPSS
1.6%
CVE-2019-8380 HIGH POC This Week

An issue was discovered in Bento4 1.5.1-628. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bento4
NVD GitHub
CVSS 3.0
8.8
EPSS
1.6%
CVE-2019-8378 HIGH POC This Week

An issue was discovered in Bento4 1.5.1-628. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Bento4
NVD GitHub
CVSS 3.0
8.8
EPSS
1.6%
CVE-2019-8389 HIGH POC This Week

A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Musicloud
NVD GitHub
CVSS 3.1
8.1
EPSS
1.5%
CVE-2019-8383 HIGH POC This Week

An issue was discovered in AdvanceCOMP through 2.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Advancecomp Debian Linux Fedora +3
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2019-8381 HIGH POC This Week

An issue was discovered in Tcpreplay 4.3.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2019-8379 HIGH POC This Week

An issue was discovered in AdvanceCOMP through 2.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Advancecomp Debian Linux Fedora +3
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2019-8377 HIGH POC This Week

An issue was discovered in Tcpreplay 4.3.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-8376 HIGH POC This Week

An issue was discovered in Tcpreplay 4.3.1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-7649 HIGH POC This Week

global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cmswing
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2019-8411 HIGH POC This Week

admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Zzcms
NVD GitHub
CVSS 3.0
7.5
EPSS
2.7%
CVE-2019-8392 HIGH POC This Week

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 823G Firmware
NVD GitHub
CVSS 3.0
7.5
EPSS
2.2%
CVE-2019-7399 HIGH POC This Week

Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Fire Os
NVD
CVSS 3.0
7.4
EPSS
0.7%
CVE-2019-8422 HIGH POC This Week

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pbootcms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.3%
CVE-2019-8421 HIGH POC This Week

upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Bagecms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy