5.5CVSS
5.5AI Score
0.0004EPSS
OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the...
5.9CVSS
5.3AI Score
0.001EPSS
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/function/gets.php, or...
7.9AI Score
0.007EPSS
PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to...
7.9AI Score
0.024EPSS
Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this...
7.8AI Score
0.024EPSS
Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack...
7AI Score
0.006EPSS