Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-9448 |
|
Cross-Site Scripting (XSS) in bigtreecms (CVE-2017-9448)
cross-site scripting in bigtreecms (CVE-2017-9448). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9332 |
|
Cross-Site Scripting (XSS) in pivotx (CVE-2017-9332)
cross-site scripting in pivotx (CVE-2017-9332). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9443 |
|
SQL Injection in sqli (CVE-2017-9443)
SQL injection in sqli (CVE-2017-9443). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9420 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-9420)
cross-site scripting in wordpress (CVE-2017-9420). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9441 |
|
Cross-Site Scripting (XSS) in bigtreecms (CVE-2017-9441)
cross-site scripting in bigtreecms (CVE-2017-9441). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9444 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9444)
vulnerability in csrf (CVE-2017-9444). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9439 |
|
Vulnerability in c (CVE-2017-9439)
vulnerability in c (CVE-2017-9439). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9440 |
|
Vulnerability in c (CVE-2017-9440)
vulnerability in c (CVE-2017-9440). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9438 |
|
Vulnerability in c (CVE-2017-9438)
vulnerability in c (CVE-2017-9438). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8835 |
|
SQL Injection in sqli (CVE-2017-8835)
SQL injection in sqli (CVE-2017-8835). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9435 |
|
SQL Injection in sqli (CVE-2017-9435)
SQL injection in sqli (CVE-2017-9435). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9436 |
|
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.
|
| CVE-2017-9437 |
|
SQL Injection in sqli (CVE-2017-9437)
SQL injection in sqli (CVE-2017-9437). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8439 |
|
Cross-Site Scripting (XSS) in elastic (CVE-2017-8439)
cross-site scripting in elastic (CVE-2017-8439). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8440 |
|
Cross-Site Scripting (XSS) in elastic (CVE-2017-8440)
cross-site scripting in elastic (CVE-2017-8440). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8838 |
|
Cross-Site Scripting (XSS) in peplink (CVE-2017-8838)
cross-site scripting in peplink (CVE-2017-8838). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8839 |
|
Cross-Site Scripting (XSS) in peplink (CVE-2017-8839)
cross-site scripting in peplink (CVE-2017-8839). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8836 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-8836)
vulnerability in csrf (CVE-2017-8836). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8841 |
|
Path Traversal in path-traversal (CVE-2017-8841)
path traversal in path-traversal (CVE-2017-8841). Data can be tampered with by attackers.
|
| CVE-2017-8438 |
|
Vulnerability in privilege-escalation (CVE-2017-8438)
vulnerability in privilege-escalation (CVE-2017-8438). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9430 |
|
Buffer Overflow in dos (CVE-2017-9430)
vulnerability in dos (CVE-2017-9430). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9427 |
|
SQL Injection in sqli (CVE-2017-9427)
SQL injection in sqli (CVE-2017-9427). Successful exploitation can lead to full system takeover.
|
| CVE-2014-9983 |
|
Path Traversal in path-traversal (CVE-2014-9983)
path traversal in path-traversal (CVE-2014-9983). Data can be tampered with by attackers.
|
| CVE-2017-9428 |
|
Path Traversal in path-traversal (CVE-2017-9428)
path traversal in path-traversal (CVE-2017-9428). Confidential information can be exposed externally.
|
| CVE-2012-6705 |
|
Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field.
Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field.
|
| CVE-2017-9416 |
|
Path Traversal in path-traversal (CVE-2017-9416)
path traversal in path-traversal (CVE-2017-9416). Confidential information can be exposed externally.
|
| CVE-2017-3740 |
|
Vulnerability in dos (CVE-2017-3740)
vulnerability in dos (CVE-2017-3740). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9403 |
|
Vulnerability in c (CVE-2017-9403)
vulnerability in c (CVE-2017-9403). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9404 |
|
Vulnerability in c (CVE-2017-9404)
vulnerability in c (CVE-2017-9404). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9405 |
|
Vulnerability in c (CVE-2017-9405)
vulnerability in c (CVE-2017-9405). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9406 |
|
Vulnerability in dos (CVE-2017-9406)
vulnerability in dos (CVE-2017-9406). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9407 |
|
Vulnerability in c (CVE-2017-9407)
vulnerability in c (CVE-2017-9407). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9408 |
|
Vulnerability in dos (CVE-2017-9408)
vulnerability in dos (CVE-2017-9408). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9409 |
|
Vulnerability in c (CVE-2017-9409)
vulnerability in c (CVE-2017-9409). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9379 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9379)
vulnerability in csrf (CVE-2017-9379). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9372 |
|
Buffer Overflow in dos (CVE-2017-9372)
vulnerability in dos (CVE-2017-9372). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9363 |
|
Unsafe Deserialization in soffid (CVE-2017-9363)
vulnerability in soffid (CVE-2017-9363). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9360 |
|
WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php.
WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php.
|
| CVE-2017-9361 |
|
WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php.
WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php.
|
| CVE-2017-9366 |
|
Cross-Site Scripting (XSS) in epesi (CVE-2017-9366)
cross-site scripting in epesi (CVE-2017-9366). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9365 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9365)
vulnerability in csrf (CVE-2017-9365). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9359 |
|
Out-of-Bounds Read in dos (CVE-2017-9359)
vulnerability in dos (CVE-2017-9359). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7384 |
|
Cross-Site Scripting (XSS) in flipbuilder (CVE-2017-7384)
cross-site scripting in flipbuilder (CVE-2017-7384). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5473 |
|
Path Traversal in path-traversal (CVE-2015-5473)
path traversal in path-traversal (CVE-2015-5473). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7999 |
|
Vulnerability in dos (CVE-2017-7999)
vulnerability in dos (CVE-2017-7999). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9060 |
|
Vulnerability in c (CVE-2017-9060)
vulnerability in c (CVE-2017-9060). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3127 |
|
Cross-Site Scripting (XSS) in fortinet (CVE-2017-3127)
cross-site scripting in fortinet (CVE-2017-3127). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9331 |
|
Cross-Site Scripting (XSS) in epesi (CVE-2017-9331)
cross-site scripting in epesi (CVE-2017-9331). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9336 |
|
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post.
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post.
|
| CVE-2017-9337 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-9337)
cross-site scripting in wordpress (CVE-2017-9337). Risk of unauthorized operations or information disclosure.
|