Skip to main content
CVE-2019-8911 MEDIUM POC This Month

An issue was discovered in WTCMS 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wtcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-8434 MEDIUM POC This Month

In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cmseasy
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-8432 MEDIUM POC This Month

In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cmseasy
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-8426 MEDIUM POC This Month

skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Zoneminder
NVD GitHub
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-8425 MEDIUM POC This Month

includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Zoneminder
NVD GitHub
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-8902 MEDIUM POC This Month

An issue was discovered in idreamsoft iCMS through 7.0.14. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Icms
NVD GitHub
CVSS 3.0
5.7
EPSS
0.4%
CVE-2019-8436 MEDIUM POC This Month

imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Imcat
NVD GitHub
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-8435 MEDIUM POC This Month

admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Phpmywind
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2019-8906 MEDIUM POC PATCH This Month

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure File Ubuntu Linux Leap +4
NVD GitHub
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-8905 MEDIUM POC This Month

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Debian Linux File Ubuntu Linux +1
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-0107 MEDIUM This Month

Insufficient user prompt in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Data Center Manager
NVD
CVSS 3.0
6.7
EPSS
0.5%
CVE-2019-0106 MEDIUM This Month

Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Data Center Manager
NVD
CVSS 3.0
6.7
EPSS
0.5%
CVE-2019-0111 MEDIUM This Month

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Data Center Manager
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-0110 MEDIUM This Month

Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Data Center Manager
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2019-0108 MEDIUM This Month

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Data Center Manager
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-0104 MEDIUM This Month

Insufficient file protection in uninstall routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Data Center Manager
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2019-0103 MEDIUM This Month

Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Information Disclosure Data Center Manager
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2019-0112 MEDIUM This Month

Improper flow control in crypto routines for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Data Center Manager
NVD
CVSS 3.0
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy