Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Reflected XSS.This issue affects CyberMath: from v.1.4 before...
6.1CVSS
6.3AI Score
0.0005EPSS
Cross-Site Request Forgery (CSRF) vulnerability in National Keep Cyber Security Services CyberMath allows Cross Site Request Forgery.This issue affects CyberMath: from v1.4 before...
8.8CVSS
8.6AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in National Keep Cyber Security Services CyberMath allows Stored XSS.This issue affects CyberMath: from v1.4 before...
5.4CVSS
5.5AI Score
0.0004EPSS
Unrestricted Upload of File with Dangerous Type vulnerability in National Keep Cyber Security Services CyberMath allows Upload a Web Shell to a Web Server.This issue affects CyberMath: from v.1.4 before...
9.8CVSS
9.2AI Score
0.001EPSS
All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have...
8.4CVSS
7.9AI Score
0.0004EPSS
The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is...
9.8CVSS
9.4AI Score
0.005EPSS
Archeevo below 5.0 is affected by local file inclusion through file=~/web.config to allow an attacker to retrieve local...
7.5CVSS
7.4AI Score
0.02EPSS
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2)...
8.7AI Score
0.002EPSS
Multiple PHP remote file inclusion vulnerabilities in the Keep It Simple Guest Book (KISGB) allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_to_themes parameter in (a) authenticate.php, and the (2) default_path_for_themes parameter in (b) admin.php and (c)...
8AI Score
0.005EPSS
PHP remote file inclusion vulnerability in authenticate.php in Keep It Simple Guest Book (KISGB), when executing PHP through CGI, allows remote attackers to execute arbitrary PHP code via a URL in the default_path_to_themes...
7.9AI Score
0.012EPSS