Skip to main content
CVE-2019-15055 MEDIUM POC This Month

MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mikrotik Routeros
NVD GitHub
CVSS 3.0
6.5
EPSS
2.2%
CVE-2019-15641 MEDIUM POC This Month

xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE Webmin
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2019-15501 MEDIUM POC This Month

Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Listserv
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
8.2%
CVE-2019-15532 MEDIUM POC PATCH This Month

CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Cyberchef
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2019-15489 MEDIUM POC PATCH This Month

laracom (aka Laravel FREE E-Commerce Software) 1.4.11 has search?q= XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Laracom
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-8000 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-7999 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.8%
CVE-2019-7987 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-7981 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-7977 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-15515 MEDIUM PATCH This Month

Discourse 2.3.2 sends the CSRF token in the query string. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Discourse
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
CVE-2019-15479 MEDIUM PATCH This Month

Status Board 1.1.81 has reflected XSS via dashboard.ts. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Status Board
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-15478 MEDIUM PATCH This Month

Status Board 1.1.81 has reflected XSS via logic.ts. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Status Board
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy