Skip to main content
CVE-2021-44518 MEDIUM POC This Month

An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Google Information Disclosure Egeetouch Manager
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2021-3944 MEDIUM POC PATCH This Month

bookstack is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

CSRF Bookstack
NVD GitHub
CVSS 3.1
6.8
EPSS
0.6%
CVE-2021-43682 MEDIUM POC This Month

thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site Scripting (XSS) vulnerability in AdminBaseController.class.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Thinkphp Bjyblog
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-43686 MEDIUM POC This Month

nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerability in www/pages/api.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Nzedb
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-43683 MEDIUM POC This Month

pictshare v1.5 is affected by a Cross Site Scripting (XSS) vulnerability in api/info.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Pictshare
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-43681 MEDIUM POC This Month

SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) vulnerability in /master/core/PostHandler.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Sakurapanel
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-25785 MEDIUM POC This Month

Taocms v2.5Beta5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Management column. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Taocms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-43327 MEDIUM POC This Month

An issue was discovered on Renesas RX65 and RX65N devices. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Rx65N Firmware Rx65 Firmware
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2021-44050 MEDIUM This Month

CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Information Disclosure Ca Network Flow Analysis
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-23260 MEDIUM This Month

Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Crafter Cms
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2021-43791 MEDIUM PATCH This Month

Zulip is an open source group chat application that combines real-time chat with threaded conversations. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Zulip
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2021-23261 MEDIUM This Month

Authenticated administrators may override the system configuration file and cause a denial of service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Crafter Cms
NVD
CVSS 3.1
4.9
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy