6.5CVSS
6.5AI Score
0.001EPSS
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive...
7.5CVSS
7.8AI Score
0.002EPSS
SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized...
7.5CVSS
7.9AI Score
0.002EPSS
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute...
7.5CVSS
7.3AI Score
0.002EPSS
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web...
7.5CVSS
7.2AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page...
6.1CVSS
6.1AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before 2015-11-08 allows remote attackers to inject arbitrary web script or HTML via unspecified...
6.1CVSS
5.9AI Score
0.002EPSS