Skip to main content
CVE-2021-32730 MEDIUM POC PATCH This Month

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

CSRF Xwiki
NVD GitHub
CVSS 3.1
5.7
EPSS
0.6%
CVE-2021-36083 MEDIUM POC PATCH This Month

KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Kimageformats
NVD GitHub
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-28424 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Teachers Record Management System
NVD Exploit-DB
CVSS 3.1
5.4
EPSS
1.3%
CVE-2021-31813 MEDIUM POC THREAT This Month

Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details (e.g., a crafted user name) from AD. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Zoho Manageengine Applications Manager
NVD
CVSS 3.1
5.4
EPSS
78.3%
CVE-2021-35337 MEDIUM POC This Month

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Phone Shop Sales Management System
NVD Exploit-DB
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-20752 MEDIUM This Month

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ikalka Rss Reader
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-32729 MEDIUM PATCH This Month

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Xwiki
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-28803 MEDIUM This Month

This issue affects: QNAP Systems Inc. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Q Center
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-32731 MEDIUM PATCH This Month

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xwiki
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-22344 MEDIUM This Month

There is an Improper Access Control vulnerability in Huawei Smartphone. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2021-22347 MEDIUM This Month

There is an Improper Access Control vulnerability in Huawei Smartphone. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Emui Magic Ui
NVD
CVSS 3.1
5.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy