Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2017-9448 Cross-Site Scripting (XSS) in bigtreecms (CVE-2017-9448)
cross-site scripting in bigtreecms (CVE-2017-9448). Risk of unauthorized operations or information disclosure.
CVE-2017-9332 Cross-Site Scripting (XSS) in pivotx (CVE-2017-9332)
cross-site scripting in pivotx (CVE-2017-9332). Risk of unauthorized operations or information disclosure.
CVE-2017-9443 SQL Injection in sqli (CVE-2017-9443)
SQL injection in sqli (CVE-2017-9443). Successful exploitation can lead to full system takeover.
CVE-2017-9420 Cross-Site Scripting (XSS) in wordpress (CVE-2017-9420)
cross-site scripting in wordpress (CVE-2017-9420). Risk of unauthorized operations or information disclosure.
CVE-2017-9441 Cross-Site Scripting (XSS) in bigtreecms (CVE-2017-9441)
cross-site scripting in bigtreecms (CVE-2017-9441). Risk of unauthorized operations or information disclosure.
CVE-2017-9444 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9444)
vulnerability in csrf (CVE-2017-9444). Successful exploitation can lead to full system takeover.
CVE-2017-9439 Vulnerability in c (CVE-2017-9439)
vulnerability in c (CVE-2017-9439). Risk of unauthorized operations or information disclosure.
CVE-2017-9440 Vulnerability in c (CVE-2017-9440)
vulnerability in c (CVE-2017-9440). Risk of unauthorized operations or information disclosure.
CVE-2017-9438 Vulnerability in c (CVE-2017-9438)
vulnerability in c (CVE-2017-9438). Risk of unauthorized operations or information disclosure.
CVE-2017-8835 SQL Injection in sqli (CVE-2017-8835)
SQL injection in sqli (CVE-2017-8835). Successful exploitation can lead to full system takeover.
CVE-2017-9435 SQL Injection in sqli (CVE-2017-9435)
SQL injection in sqli (CVE-2017-9435). Successful exploitation can lead to full system takeover.
CVE-2017-9436 TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.
TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.
CVE-2017-9437 SQL Injection in sqli (CVE-2017-9437)
SQL injection in sqli (CVE-2017-9437). Successful exploitation can lead to full system takeover.
CVE-2017-8439 Cross-Site Scripting (XSS) in elastic (CVE-2017-8439)
cross-site scripting in elastic (CVE-2017-8439). Risk of unauthorized operations or information disclosure.
CVE-2017-8440 Cross-Site Scripting (XSS) in elastic (CVE-2017-8440)
cross-site scripting in elastic (CVE-2017-8440). Risk of unauthorized operations or information disclosure.
CVE-2017-8838 Cross-Site Scripting (XSS) in peplink (CVE-2017-8838)
cross-site scripting in peplink (CVE-2017-8838). Risk of unauthorized operations or information disclosure.
CVE-2017-8839 Cross-Site Scripting (XSS) in peplink (CVE-2017-8839)
cross-site scripting in peplink (CVE-2017-8839). Risk of unauthorized operations or information disclosure.
CVE-2017-8836 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-8836)
vulnerability in csrf (CVE-2017-8836). Successful exploitation can lead to full system takeover.
CVE-2017-8841 Path Traversal in path-traversal (CVE-2017-8841)
path traversal in path-traversal (CVE-2017-8841). Data can be tampered with by attackers.
CVE-2017-8438 Vulnerability in privilege-escalation (CVE-2017-8438)
vulnerability in privilege-escalation (CVE-2017-8438). Successful exploitation can lead to full system takeover.
CVE-2017-9430 Buffer Overflow in dos (CVE-2017-9430)
vulnerability in dos (CVE-2017-9430). Successful exploitation can lead to full system takeover.
CVE-2017-9427 SQL Injection in sqli (CVE-2017-9427)
SQL injection in sqli (CVE-2017-9427). Successful exploitation can lead to full system takeover.
CVE-2014-9983 Path Traversal in path-traversal (CVE-2014-9983)
path traversal in path-traversal (CVE-2014-9983). Data can be tampered with by attackers.
CVE-2017-9428 Path Traversal in path-traversal (CVE-2017-9428)
path traversal in path-traversal (CVE-2017-9428). Confidential information can be exposed externally.
CVE-2012-6705 Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field.
Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field.
CVE-2017-9416 Path Traversal in path-traversal (CVE-2017-9416)
path traversal in path-traversal (CVE-2017-9416). Confidential information can be exposed externally.
CVE-2017-3740 Vulnerability in dos (CVE-2017-3740)
vulnerability in dos (CVE-2017-3740). Risk of unauthorized operations or information disclosure.
CVE-2017-9403 Vulnerability in c (CVE-2017-9403)
vulnerability in c (CVE-2017-9403). Risk of unauthorized operations or information disclosure.
CVE-2017-9404 Vulnerability in c (CVE-2017-9404)
vulnerability in c (CVE-2017-9404). Risk of unauthorized operations or information disclosure.
CVE-2017-9405 Vulnerability in c (CVE-2017-9405)
vulnerability in c (CVE-2017-9405). Risk of unauthorized operations or information disclosure.
CVE-2017-9406 Vulnerability in dos (CVE-2017-9406)
vulnerability in dos (CVE-2017-9406). Risk of unauthorized operations or information disclosure.
CVE-2017-9407 Vulnerability in c (CVE-2017-9407)
vulnerability in c (CVE-2017-9407). Risk of unauthorized operations or information disclosure.
CVE-2017-9408 Vulnerability in dos (CVE-2017-9408)
vulnerability in dos (CVE-2017-9408). Risk of unauthorized operations or information disclosure.
CVE-2017-9409 Vulnerability in c (CVE-2017-9409)
vulnerability in c (CVE-2017-9409). Risk of unauthorized operations or information disclosure.
CVE-2017-9379 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9379)
vulnerability in csrf (CVE-2017-9379). Successful exploitation can lead to full system takeover.
CVE-2017-9372 Buffer Overflow in dos (CVE-2017-9372)
vulnerability in dos (CVE-2017-9372). Risk of unauthorized operations or information disclosure.
CVE-2017-9363 Unsafe Deserialization in soffid (CVE-2017-9363)
vulnerability in soffid (CVE-2017-9363). Successful exploitation can lead to full system takeover.
CVE-2017-9360 WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php.
WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php.
CVE-2017-9361 WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php.
WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php.
CVE-2017-9366 Cross-Site Scripting (XSS) in epesi (CVE-2017-9366)
cross-site scripting in epesi (CVE-2017-9366). Risk of unauthorized operations or information disclosure.
CVE-2017-9365 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9365)
vulnerability in csrf (CVE-2017-9365). Successful exploitation can lead to full system takeover.
CVE-2017-9359 Out-of-Bounds Read in dos (CVE-2017-9359)
vulnerability in dos (CVE-2017-9359). Risk of unauthorized operations or information disclosure.
CVE-2017-7384 Cross-Site Scripting (XSS) in flipbuilder (CVE-2017-7384)
cross-site scripting in flipbuilder (CVE-2017-7384). Risk of unauthorized operations or information disclosure.
CVE-2015-5473 Path Traversal in path-traversal (CVE-2015-5473)
path traversal in path-traversal (CVE-2015-5473). Successful exploitation can lead to full system takeover.
CVE-2017-7999 Vulnerability in dos (CVE-2017-7999)
vulnerability in dos (CVE-2017-7999). Risk of unauthorized operations or information disclosure.
CVE-2017-9060 Vulnerability in c (CVE-2017-9060)
vulnerability in c (CVE-2017-9060). Risk of unauthorized operations or information disclosure.
CVE-2017-3127 Cross-Site Scripting (XSS) in fortinet (CVE-2017-3127)
cross-site scripting in fortinet (CVE-2017-3127). Risk of unauthorized operations or information disclosure.
CVE-2017-9331 Cross-Site Scripting (XSS) in epesi (CVE-2017-9331)
cross-site scripting in epesi (CVE-2017-9331). Risk of unauthorized operations or information disclosure.
CVE-2017-9336 The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post.
The WP Editor.MD plugin 1.6 for WordPress has a stored XSS vulnerability in the content of a post.
CVE-2017-9337 Cross-Site Scripting (XSS) in wordpress (CVE-2017-9337)
cross-site scripting in wordpress (CVE-2017-9337). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →