Skip to main content
CVE-2019-9598 MEDIUM POC This Month

An issue was discovered in Cscms 4.1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Cscms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2019-3778 MEDIUM POC PATCH THREAT This Month

Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Open Redirect Spring Security Oauth Banking Corporate Lending
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
15.6%
CVE-2019-7661 MEDIUM POC This Month

An issue was discovered in PHPMyWind 5.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Phpmywind
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-7660 MEDIUM POC This Month

An issue was discovered in PHPMyWind 5.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Phpmywind
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-8439 MEDIUM POC This Month

An issue was discovered in DiliCMS 2.4.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dilicms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-8440 MEDIUM POC This Month

An issue was discovered in DiliCMS 2.4.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dilicms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.7%
CVE-2019-8438 MEDIUM POC This Month

An issue was discovered in DiliCMS 2.4.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dilicms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.7%
CVE-2019-9622 MEDIUM POC This Month

eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Ebrigade
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
4.8%
CVE-2019-3784 MEDIUM This Month

Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Stratos
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2019-3775 MEDIUM This Month

Cloud Foundry UAA, versions prior to v70.0, allows a user to update their own email address. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Uaa Release
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-3776 MEDIUM This Month

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Operations Manager
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2019-1600 MEDIUM PATCH This Month

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Privilege Escalation Cisco Firepower Extensible Operating System Nx Os
NVD
CVSS 3.1
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy