Skip to main content
CVE-2019-9647 MEDIUM POC This Month

Gila CMS 1.9.1 has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gila Cms
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
2.3%
CVE-2019-12543 MEDIUM POC This Month

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Servicedesk Plus
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
6.1%
CVE-2019-12542 MEDIUM POC This Month

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Servicedesk Plus
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
6.0%
CVE-2019-12541 MEDIUM POC This Month

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Servicedesk Plus
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
6.0%
CVE-2019-12538 MEDIUM POC This Month

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Servicedesk Plus
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
6.0%
CVE-2019-9158 MEDIUM POC This Month

Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ezio Ds3 Server
NVD
CVSS 3.0
5.7
EPSS
1.0%
CVE-2019-11226 MEDIUM POC This Month

CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cms Made Simple
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2019-11946 MEDIUM This Month

A remote credential disclosure vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Intelligent Management Center
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2019-12616 MEDIUM POC PATCH THREAT This Month

An issue was discovered in phpMyAdmin before 4.9.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Phpmyadmin
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
19.2%
CVE-2019-1870 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Enterprise Chat And Email
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2019-12741 MEDIUM PATCH This Month

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Java Hapi Fhir
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2019-9157 MEDIUM This Month

Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Ezio Ds3 Server
NVD
CVSS 3.0
5.7
EPSS
0.7%
CVE-2019-1882 MEDIUM This Month

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Industrial Network Director
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2019-1842 MEDIUM This Month

A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple Ios Xr Firmware
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2019-1872 MEDIUM This Month

A vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Cisco Telepresence Video Communication Server
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2019-5392 MEDIUM POC This Month

A disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Intelligent Management Center
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
7.1%
CVE-2019-5394 MEDIUM This Month

The HPE Nonstop Maintenance Entity family of products are vulnerable to local disclosure of information, such as system layout and configuration. Rated medium severity (CVSS 5.1). No vendor patch available.

Information Disclosure Blade Maintenance Entity Integrated Maintenance Entity Maintenance Entity
NVD
CVSS 3.0
5.1
EPSS
0.3%
CVE-2019-10637 MEDIUM This Month

Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084,. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 88Ss1074 Firmware 88Ss1079 Firmware 88Ss1080 Firmware 88Ss1093 Firmware +15
NVD
CVSS 3.0
4.6
EPSS
0.3%
CVE-2019-1880 MEDIUM This Month

A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Unified Computing System Server Firmware
NVD
CVSS 3.0
4.4
EPSS
0.2%
CVE-2019-5393 MEDIUM This Month

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.0
4.3
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy