Skip to main content

Indexhibit

2 CVEs product

Monthly

CVE-2019-16314 CRITICAL POC THREAT Act Now

Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Indexhibit
NVD
CVSS 3.1
9.8
EPSS
38.7%
CVE-2019-8954 HIGH POC This Week

In Indexhibit 2.1.5, remote attackers can execute arbitrary code via the v parameter (in conjunction with the id parameter) in a upd_jxcode=true action to the ndxzstudio/?a=system URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Indexhibit
NVD
CVSS 3.0
8.8
EPSS
2.7%
EPSS 39% CVSS 9.8
CRITICAL POC THREAT Act Now

Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Indexhibit
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

In Indexhibit 2.1.5, remote attackers can execute arbitrary code via the v parameter (in conjunction with the id parameter) in a upd_jxcode=true action to the ndxzstudio/?a=system URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Indexhibit
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy