Skip to main content

Sickrage

3 CVEs product

Monthly

CVE-2021-25926 PyPI MEDIUM POC PATCH This Month

In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sickrage
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-25925 PyPI MEDIUM POC PATCH This Month

in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Sickrage
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2018-9160 PyPI CRITICAL POC PATCH THREAT Act Now

SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Sickrage
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
76.5%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sickrage
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Sickrage
NVD GitHub
EPSS 77% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Sickrage
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy