Skip to main content
CVE-2019-10262 CRITICAL POC Act Now

A SQL Injection issue was discovered in BlueCMS 1.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Bluecms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-9204 CRITICAL POC THREAT Act Now

SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Incident Manager
NVD
CVSS 3.1
9.8
EPSS
19.7%
CVE-2019-9203 CRITICAL POC THREAT Act Now

Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Incident Manager
NVD
CVSS 3.1
9.8
EPSS
20.4%
CVE-2019-9165 CRITICAL POC Act Now

SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Nagios Xi
NVD
CVSS 3.1
9.8
EPSS
5.3%
CVE-2019-1003041 CRITICAL PATCH Act Now

A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Pipeline Openshift Container Platform
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2019-1003040 CRITICAL PATCH Act Now

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Script Security Openshift Container Platform
NVD
CVSS 3.1
9.8
EPSS
3.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy