Skip to main content
CVE-2019-9566 CRITICAL POC Act Now

FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Flarumchina
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-9552 CRITICAL POC Act Now

Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the p2p/api/ or p2p/lib/ or p2p/images/ URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Eloan
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
CVE-2019-9565 CRITICAL POC Act Now

Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Microsoft Mozilla Information Disclosure Antidote
NVD
CVSS 3.0
9.1
EPSS
2.1%
CVE-2019-9568 MEDIUM POC This Month

The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has SQL Injection via the wp-admin/admin.php?page=forminator-entries entry[] parameter if the attacker has the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress PHP Forminator
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2019-9567 MEDIUM POC This Month

The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has XSS via a custom input field of a poll. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Forminator
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2019-6235 CRITICAL Act Now

A memory corruption issue was addressed with improved validation. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Memory Corruption Itunes +4
NVD
CVSS 3.0
10.0
EPSS
2.1%
CVE-2019-6206 CRITICAL Act Now

An issue existed with autofill resuming after it was canceled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Iphone Os
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-9551 MEDIUM POC This Month

An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Doyocms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2019-9563 HIGH PATCH This Week

In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the contact application mishandles temporary uploads. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bluemind
NVD
CVSS 3.0
7.5
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy