Skip to main content
CVE-2019-9047 CRITICAL POC Act Now

GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Gorose
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-9037 CRITICAL POC Act Now

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
9.1
EPSS
2.3%
CVE-2019-9035 CRITICAL POC Act Now

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
9.1
EPSS
2.3%
CVE-2019-9034 CRITICAL POC Act Now

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
9.1
EPSS
2.0%
CVE-2019-9033 CRITICAL POC Act Now

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
9.1
EPSS
2.1%
CVE-2019-9030 CRITICAL POC Act Now

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
9.1
EPSS
2.1%
CVE-2019-9028 CRITICAL POC Act Now

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
9.1
EPSS
2.0%
CVE-2019-9062 HIGH POC This Week

PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Online Food Ordering Script
NVD
CVSS 3.0
8.0
EPSS
0.5%
CVE-2019-9038 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
2.0%
CVE-2019-9036 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
2.1%
CVE-2019-9032 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-9031 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-9029 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-9027 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-9026 HIGH POC This Week

An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Matio
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-9050 HIGH POC This Week

An issue was discovered in Pluck 4.7.9-dev1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Pluck
NVD GitHub
CVSS 3.0
7.2
EPSS
2.0%
CVE-2019-9042 HIGH POC This Week

An issue was discovered in Sitemagic CMS v4.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload RCE Sitemagic Cms
NVD
CVSS 3.0
7.2
EPSS
2.0%
CVE-2019-9041 HIGH POC THREAT This Week

An issue was discovered in ZZZCMS zzzphp V1.6.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Zzzphp
NVD Exploit-DB
CVSS 3.0
7.2
EPSS
31.4%
CVE-2019-9065 MEDIUM POC This Month

PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Custom T Shirt Ecommerce Script
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-9063 MEDIUM POC This Month

PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Auction Website Script
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-9052 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9051 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9049 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9048 MEDIUM POC This Month

An issue was discovered in Pluck 4.7.9-dev1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Pluck
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-9066 MEDIUM POC This Month

PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Php Appointment Booking Script
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-9064 MEDIUM POC This Month

PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Cab Booking Script
NVD
CVSS 3.0
5.3
EPSS
1.9%
CVE-2019-9040 HIGH This Week

S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP CSRF S Cms
NVD
CVSS 3.0
8.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy