Skip to main content
CVE-2019-12251 HIGH POC This Week

sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ucms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.3%
CVE-2019-12269 HIGH POC This Week

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Jwt Attack Information Disclosure Enigmail
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-12270 HIGH This Week

OpenText Brava!. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Tomcat Microsoft Information Disclosure Brava
NVD
CVSS 3.0
7.4
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy