Skip to main content
CVE-2021-45420 CRITICAL POC THREAT Emergency

Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 26.0%.

RCE Denial Of Service Information Disclosure Dixell Xweb 500 Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
26.0%
Threat
4.2
CVE-2021-45421 HIGH POC This Week

Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dixell Xweb 500 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-25115 MEDIUM POC PATCH This Month

The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress XSS Wp Photo Album Plus
NVD WPScan VulDB
CVSS 3.1
6.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy