Skip to main content

Easyctf

3 CVEs product

Monthly

CVE-2015-0914 MEDIUM This Month

EasyCTF before 1.4 does not validate the session ID, which allows remote attackers to obtain access via a crafted HTTP request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Easyctf
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0913 LOW Monitor

Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Easyctf
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0912 MEDIUM This Month

EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Easyctf
NVD
CVSS 2.0
6.5
EPSS
0.4%
EPSS 0% CVSS 5.0
MEDIUM This Month

EasyCTF before 1.4 does not validate the session ID, which allows remote attackers to obtain access via a crafted HTTP request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Easyctf
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Easyctf
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Easyctf
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy