Skip to main content

Hadsky

6 CVEs product

Monthly

CVE-2024-30886 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hadsky
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-30885 MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component . Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS Hadsky
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-46428 HIGH POC This Week

An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Hadsky
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-3579 HIGH POC This Week

A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Hadsky
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-1685 HIGH POC This Week

A vulnerability was found in HadSky up to 7.11.8. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Hadsky
NVD VulDB
CVSS 3.1
7.2
EPSS
4.1%
CVE-2023-1684 CRITICAL POC Act Now

A vulnerability was found in HadSky 7.7.16. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Hadsky
NVD VulDB
CVSS 3.1
9.8
EPSS
0.9%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hadsky
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component . Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Hadsky
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Hadsky
NVD GitHub VulDB
EPSS 4% CVSS 7.2
HIGH POC This Week

A vulnerability was found in HadSky up to 7.11.8. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Hadsky
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in HadSky 7.7.16. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Hadsky
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy