Skip to main content
CVE-2019-1010178 CRITICAL POC Act Now

Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Fred
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2019-1010177 CRITICAL POC Act Now

Jsish 2.4.70 2.047 is affected by: Use After Free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Jsish
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2019-1010191 CRITICAL PATCH Act Now

marginalia < 1.6 is affected by: SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Marginalia
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-1010179 CRITICAL Act Now

PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection Phkp
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy