Skip to main content
CVE-2019-9604 HIGH POC This Week

PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Online Lottery Php Readymade Script
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2019-9922 HIGH POC THREAT This Week

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Je Messenger
NVD GitHub
CVSS 3.1
7.5
EPSS
10.6%
CVE-2019-6481 HIGH POC This Week

Abine Blur 7.8.2431 allows remote attackers to conduct "Second-Factor Auth Bypass" attacks by using the "Perform a right-click operation to access a forgotten dev menu to insert user passwords that. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Google Blur
NVD
CVSS 3.0
7.5
EPSS
2.1%
CVE-2019-9920 HIGH This Week

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Je Messenger
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2019-10477 HIGH PATCH This Week

The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Fusioninventory
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy