Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2021
SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files.
CVSS Score
8.8
EPSS Score
0.106
Published
2021-03-15
SQL Injection vulnerability in MyBB before 1.8.26 via poll vote count. (issue 1 of 3).
CVSS Score
8.8
EPSS Score
0.042
Published
2021-03-15
SQL Injection vulnerability in MyBB before 1.8.26 via the Copy Forum feature in Forum Management. (issue 2 of 3).
CVSS Score
7.2
EPSS Score
0.009
Published
2021-03-15
SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. (issue 3 of 3).
CVSS Score
7.2
EPSS Score
0.009
Published
2021-03-15
Cross-site Scripting vulnerability in MyBB before 1.8.26 via Custom moderator tools.
CVSS Score
6.1
EPSS Score
0.006
Published
2021-03-15
myDBR 5.8.3/4262 is affected by: Cross Site Scripting (XSS). The impact is: execute arbitrary code (remote). The component is: CSRF Token. The attack vector is: CSRF token injection to XSS.
CVSS Score
9.6
EPSS Score
0.019
Published
2021-03-15
The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection.)
CVSS Score
8.1
EPSS Score
0.029
Published
2021-03-15
The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection.)
CVSS Score
5.5
EPSS Score
0.01
Published
2021-03-15
A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.
CVSS Score
2.7
EPSS Score
0.011
Published
2021-03-15
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
CVSS Score
6.3
EPSS Score
0.036
Published
2021-03-15


Contact Us

Shodan ® - All rights reserved