Skip to main content
CVE-2021-44832 MEDIUM PATCH This Month

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has...

RCE Apache Java
NVD VulDB
CVSS 3.1
6.6
EPSS
53.6%
Threat
4.9
CVE-2021-45813 MEDIUM POC This Month

SLICAN WebCTI 1.01 2015 is affected by a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Webcti
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-45812 MEDIUM POC This Month

NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Nvrsolo Firmware
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-45425 MEDIUM POC This Month

Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple XSS Safari Montage
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
3.4%
CVE-2021-4179 MEDIUM POC PATCH This Month

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Live Helper Chat
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-4177 MEDIUM POC PATCH This Month

livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Live Helper Chat
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-40579 MEDIUM This Month

https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Online Enrollment Management System
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-45903 MEDIUM This Month

A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35, and 7.11.x and 7.12.x before 7.12.2, allows a remote attacker to introduce arbitrary JavaScript via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Suitecrm
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy