#ExploitObserverAlert
CVE-2021-23338
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2021-23338. This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.
FIRST-EPSS: 0.000990000
NVD-IS: 5.9
NVD-ES: 1.2
ARPS-PRIORITY: 0.7771163
CVE-2021-23338
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2021-23338. This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.
FIRST-EPSS: 0.000990000
NVD-IS: 5.9
NVD-ES: 1.2
ARPS-PRIORITY: 0.7771163
#ExploitObserverAlert
CVE-2023-38964
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2023-38964. Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability.
FIRST-EPSS: 0.000710000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.958733
CVE-2023-38964
DESCRIPTION: Exploit Observer has 7 entries in 4 file formats related to CVE-2023-38964. Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability.
FIRST-EPSS: 0.000710000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.958733
#ExploitObserverAlert
CVE-2016-7148
DESCRIPTION: Exploit Observer has 18 entries in 2 file formats related to CVE-2016-7148. MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
FIRST-EPSS: 0.002030000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.8574324
CVE-2016-7148
DESCRIPTION: Exploit Observer has 18 entries in 2 file formats related to CVE-2016-7148. MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
FIRST-EPSS: 0.002030000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.8574324
#ExploitObserverAlert
CVE-2016-3068
DESCRIPTION: Exploit Observer has 44 entries in 5 file formats related to CVE-2016-3068. Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
FIRST-EPSS: 0.052080000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.752969
CVE-2016-3068
DESCRIPTION: Exploit Observer has 44 entries in 5 file formats related to CVE-2016-3068. Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
FIRST-EPSS: 0.052080000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.752969
#ExploitObserverAlert
PD/http/vulnerabilities/titan/titannit-web-rce
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/http/vulnerabilities/titan/titannit-web-rce. The vulnerability in the device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application,allowing the attacker to gain root access.
ARPS-PRIORITY: 0.9571059
PD/http/vulnerabilities/titan/titannit-web-rce
DESCRIPTION: Exploit Observer has 4 entries in 4 file formats related to PD/http/vulnerabilities/titan/titannit-web-rce. The vulnerability in the device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application,allowing the attacker to gain root access.
ARPS-PRIORITY: 0.9571059
#ExploitObserverAlert
CVE-2024-4348
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-4348. A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-262488. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.8702569
CVE-2024-4348
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-4348. A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-262488. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.8702569
#ExploitObserverAlert
CVE-2012-6081
DESCRIPTION: Exploit Observer has 22 entries in 5 file formats related to CVE-2012-6081. Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as exploited in the wild in July 2012.
FIRST-EPSS: 0.954720000
NVD-IS: 6.4
NVD-ES: 6.8
ARPS-PRIORITY: 0.9741913
CVE-2012-6081
DESCRIPTION: Exploit Observer has 22 entries in 5 file formats related to CVE-2012-6081. Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as exploited in the wild in July 2012.
FIRST-EPSS: 0.954720000
NVD-IS: 6.4
NVD-ES: 6.8
ARPS-PRIORITY: 0.9741913
#ExploitObserverAlert
CVE-2015-8309
DESCRIPTION: Exploit Observer has 12 entries in 5 file formats related to CVE-2015-8309. Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."
FIRST-EPSS: 0.009720000
NVD-IS: 1.4
NVD-ES: 2.8
ARPS-PRIORITY: 0.8553453
CVE-2015-8309
DESCRIPTION: Exploit Observer has 12 entries in 5 file formats related to CVE-2015-8309. Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."
FIRST-EPSS: 0.009720000
NVD-IS: 1.4
NVD-ES: 2.8
ARPS-PRIORITY: 0.8553453
#ExploitObserverAlert
CVE-2024-1597
DESCRIPTION: Exploit Observer has 240 entries in 7 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.
FIRST-EPSS: 0.000990000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7555719
CVE-2024-1597
DESCRIPTION: Exploit Observer has 240 entries in 7 file formats related to CVE-2024-1597. pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.
FIRST-EPSS: 0.000990000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7555719
#ExploitObserverAlert
CVE-2024-31080
DESCRIPTION: Exploit Observer has 42 entries in 7 file formats related to CVE-2024-31080. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
FIRST-EPSS: 0.000460000
ARPS-PRIORITY: 0.7092201
CVE-2024-31080
DESCRIPTION: Exploit Observer has 42 entries in 7 file formats related to CVE-2024-31080. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
FIRST-EPSS: 0.000460000
ARPS-PRIORITY: 0.7092201
#ExploitObserverAlert
CVE-2024-0235
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2024-0235. The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog
FIRST-EPSS: 0.005420000
NVD-IS: 1.4
NVD-ES: 3.9
ARPS-PRIORITY: 0.9506418
CVE-2024-0235
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2024-0235. The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog
FIRST-EPSS: 0.005420000
NVD-IS: 1.4
NVD-ES: 3.9
ARPS-PRIORITY: 0.9506418
#ExploitObserverAlert
CVE-2015-7293
DESCRIPTION: Exploit Observer has 12 entries in 4 file formats related to CVE-2015-7293. Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
FIRST-EPSS: 0.003010000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.8750085
CVE-2015-7293
DESCRIPTION: Exploit Observer has 12 entries in 4 file formats related to CVE-2015-7293. Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
FIRST-EPSS: 0.003010000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.8750085
#ExploitObserverAlert
CVE-2023-6546
DESCRIPTION: Exploit Observer has 199 entries in 9 file formats related to CVE-2023-6546. A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
FIRST-EPSS: 0.000880000
NVD-IS: 5.9
NVD-ES: 1.0
ARPS-PRIORITY: 0.9632912
CVE-2023-6546
DESCRIPTION: Exploit Observer has 199 entries in 9 file formats related to CVE-2023-6546. A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
FIRST-EPSS: 0.000880000
NVD-IS: 5.9
NVD-ES: 1.0
ARPS-PRIORITY: 0.9632912
#ExploitObserverAlert
CVE-2023-50387
DESCRIPTION: Exploit Observer has 86 entries in 13 file formats related to CVE-2023-50387. Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
FIRST-EPSS: 0.036600000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7316946
CVE-2023-50387
DESCRIPTION: Exploit Observer has 86 entries in 13 file formats related to CVE-2023-50387. Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
FIRST-EPSS: 0.036600000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7316946
#ExploitObserverAlert
CVE-2019-7139
DESCRIPTION: Exploit Observer has 14 entries in 4 file formats related to CVE-2019-7139. An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. This issue is fixed in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
FIRST-EPSS: 0.099120000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7756642
CVE-2019-7139
DESCRIPTION: Exploit Observer has 14 entries in 4 file formats related to CVE-2019-7139. An unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database, which causes sensitive data leakage. This issue is fixed in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
FIRST-EPSS: 0.099120000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7756642
#ExploitObserverAlert
CVE-2015-4455
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to CVE-2015-4455. Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/gform_aviary.
FIRST-EPSS: 0.558560000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8574324
CVE-2015-4455
DESCRIPTION: Exploit Observer has 11 entries in 2 file formats related to CVE-2015-4455. Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/gform_aviary.
FIRST-EPSS: 0.558560000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8574324
#ExploitObserverAlert
CVE-2024-4348
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-4348. A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-262488. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000650000
ARPS-PRIORITY: 0.8702569
CVE-2024-4348
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2024-4348. A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-262488. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
FIRST-EPSS: 0.000650000
ARPS-PRIORITY: 0.8702569
#ExploitObserverAlert
CVE-2023-42116
DESCRIPTION: Exploit Observer has 26 entries in 7 file formats related to CVE-2023-42116. Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17515.
FIRST-EPSS: 0.000650000
ARPS-PRIORITY: 0.7508364
CVE-2023-42116
DESCRIPTION: Exploit Observer has 26 entries in 7 file formats related to CVE-2023-42116. Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17515.
FIRST-EPSS: 0.000650000
ARPS-PRIORITY: 0.7508364
#ExploitObserverAlert
CVE-2023-38096
DESCRIPTION: Exploit Observer has 22 entries in 5 file formats related to CVE-2023-38096. NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MyHandlerInterceptor class. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19718.
FIRST-EPSS: 0.000470000
ARPS-PRIORITY: 0.9581497
CVE-2023-38096
DESCRIPTION: Exploit Observer has 22 entries in 5 file formats related to CVE-2023-38096. NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MyHandlerInterceptor class. The issue results from improper implementation of the authentication mechanism. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19718.
FIRST-EPSS: 0.000470000
ARPS-PRIORITY: 0.9581497
#ExploitObserverAlert
CVE-2024-20993
DESCRIPTION: Exploit Observer has 10 entries in 2 file formats related to CVE-2024-20993. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.2
ARPS-PRIORITY: 0.7533784
CVE-2024-20993
DESCRIPTION: Exploit Observer has 10 entries in 2 file formats related to CVE-2024-20993. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.2
ARPS-PRIORITY: 0.7533784
#ExploitObserverAlert
CVE-2023-40498
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-40498. LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the cp command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19925.
FIRST-EPSS: 0.001280000
ARPS-PRIORITY: 0.971984
CVE-2023-40498
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2023-40498. LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the cp command implemented in the makeDetailContent method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19925.
FIRST-EPSS: 0.001280000
ARPS-PRIORITY: 0.971984