Skip to main content
CVE-2021-42638 HIGH POC This Week

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Command Injection Web Stack
NVD VulDB
CVSS 3.1
8.1
EPSS
5.7%
CVE-2021-45416 MEDIUM POC PATCH This Month

Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules/Scheduling/Courses.php script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Rosariosis
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
3.0%
CVE-2020-8562 LOW Monitor

As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Kubernetes
NVD GitHub VulDB
CVSS 3.1
2.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy