Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cms Clear
ID Title
CVE-2017-17059 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17059)
cross-site scripting in wordpress (CVE-2017-17059). Risk of unauthorized operations or information disclosure.
CVE-2017-17058 Path Traversal in wordpress (CVE-2017-17058)
path traversal in wordpress (CVE-2017-17058). Confidential information can be exposed externally.
CVE-2017-17043 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17043)
cross-site scripting in wordpress (CVE-2017-17043). Risk of unauthorized operations or information disclosure.
CVE-2017-16955 SQL Injection in wordpress (CVE-2017-16955)
SQL injection in wordpress (CVE-2017-16955). Successful exploitation can lead to full system takeover.
CVE-2017-1000227 Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000227)
cross-site scripting in wordpress (CVE-2017-1000227). Risk of unauthorized operations or information disclosure.
CVE-2017-16870 SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-16870)
SSRF in wordpress (CVE-2017-16870). Successful exploitation can lead to full system takeover.
CVE-2017-16871 Code Injection in wordpress (CVE-2017-16871)
code injection in wordpress (CVE-2017-16871). Successful exploitation can lead to full system takeover.
CVE-2017-1000224 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-1000224)
vulnerability in wordpress (CVE-2017-1000224). Data can be tampered with by attackers.
CVE-2017-16842 Cross-Site Scripting (XSS) in wordpress (CVE-2017-16842)
cross-site scripting in wordpress (CVE-2017-16842). Risk of unauthorized operations or information disclosure.
CVE-2017-16815 Cross-Site Scripting (XSS) in wordpress (CVE-2017-16815)
cross-site scripting in wordpress (CVE-2017-16815). Risk of unauthorized operations or information disclosure.
CVE-2017-16562 Authentication Bypass in wordpress (CVE-2017-16562)
authentication bypass in wordpress (CVE-2017-16562). Successful exploitation can lead to full system takeover.
CVE-2017-16633 Information Disclosure in joomla (CVE-2017-16633)
vulnerability in joomla (CVE-2017-16633). Risk of unauthorized operations or information disclosure.
CVE-2017-16634 Authentication Bypass in joomla (CVE-2017-16634)
authentication bypass in joomla (CVE-2017-16634). Successful exploitation can lead to full system takeover.
CVE-2017-16758 Cross-Site Scripting (XSS) in wordpress (CVE-2017-16758)
cross-site scripting in wordpress (CVE-2017-16758). Risk of unauthorized operations or information disclosure.
CVE-2015-7878 Cross-Site Scripting (XSS) in drupal (CVE-2015-7878)
cross-site scripting in drupal (CVE-2015-7878). Risk of unauthorized operations or information disclosure.
CVE-2017-16510 SQL Injection in wordpress (CVE-2017-16510)
SQL injection in wordpress (CVE-2017-16510). Successful exploitation can lead to full system takeover.
CVE-2017-15919 SQL Injection in wordpress (CVE-2017-15919)
SQL injection in wordpress (CVE-2017-15919). Successful exploitation can lead to full system takeover.
CVE-2017-15867 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15867)
cross-site scripting in wordpress (CVE-2017-15867). Risk of unauthorized operations or information disclosure.
CVE-2017-15863 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15863)
cross-site scripting in wordpress (CVE-2017-15863). Risk of unauthorized operations or information disclosure.
CVE-2015-5532 Cross-Site Scripting (XSS) in wordpress (CVE-2015-5532)
cross-site scripting in wordpress (CVE-2015-5532). Risk of unauthorized operations or information disclosure.
CVE-2015-5533 SQL Injection in wordpress (CVE-2015-5533)
SQL injection in wordpress (CVE-2015-5533). Successful exploitation can lead to full system takeover.
CVE-2017-15810 Cross-Site Scripting (XSS) in csharp (CVE-2017-15810)
cross-site scripting in csharp (CVE-2017-15810). Risk of unauthorized operations or information disclosure.
CVE-2017-15811 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15811)
cross-site scripting in wordpress (CVE-2017-15811). Risk of unauthorized operations or information disclosure.
CVE-2017-15812 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15812)
cross-site scripting in wordpress (CVE-2017-15812). Risk of unauthorized operations or information disclosure.
CVE-2017-15808 In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
CVE-2017-15809 In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
CVE-2017-15727 In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
CVE-2017-15728 Cross-Site Scripting (XSS) in phpmyfaq (CVE-2017-15728)
cross-site scripting in phpmyfaq (CVE-2017-15728). Risk of unauthorized operations or information disclosure.
CVE-2017-15729 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
CVE-2017-15730 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
CVE-2017-15731 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
CVE-2017-15732 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
CVE-2017-15733 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15733)
vulnerability in csrf (CVE-2017-15733). Successful exploitation can lead to full system takeover.
CVE-2017-15734 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
CVE-2017-15735 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
CVE-2010-3659 Cross-Site Scripting (XSS) in typo3 (CVE-2010-3659)
cross-site scripting in typo3 (CVE-2010-3659). Risk of unauthorized operations or information disclosure.
CVE-2015-6668 Information Disclosure in wordpress (CVE-2015-6668)
vulnerability in wordpress (CVE-2015-6668). Confidential information can be exposed externally.
CVE-2012-6707 Vulnerability in wordpress (CVE-2012-6707)
vulnerability in wordpress (CVE-2012-6707). Confidential information can be exposed externally.
CVE-2015-5227 Vulnerability in wordpress (CVE-2015-5227)
vulnerability in wordpress (CVE-2015-5227). Successful exploitation can lead to full system takeover.
CVE-2015-7943 Open Redirect in drupal (CVE-2015-7943)
vulnerability in drupal (CVE-2015-7943). Risk of unauthorized operations or information disclosure.
CVE-2014-8491 Information Disclosure in wordpress (CVE-2014-8491)
vulnerability in wordpress (CVE-2014-8491). Risk of unauthorized operations or information disclosure.
CVE-2015-7806 Command Injection in wordpress (CVE-2015-7806)
command injection in wordpress (CVE-2015-7806). Successful exploitation can lead to full system takeover.
CVE-2014-8087 Cross-Site Scripting (XSS) in wordpress (CVE-2014-8087)
cross-site scripting in wordpress (CVE-2014-8087). Risk of unauthorized operations or information disclosure.
CVE-2014-8621 SQL Injection in wordpress (CVE-2014-8621)
SQL injection in wordpress (CVE-2014-8621). Successful exploitation can lead to full system takeover.
CVE-2017-15375 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15375)
cross-site scripting in wordpress (CVE-2017-15375). Risk of unauthorized operations or information disclosure. Exploitable via ``query``.
CVE-2017-15374 Cross-Site Scripting (XSS) in shopware (CVE-2017-15374)
cross-site scripting in shopware (CVE-2017-15374). Risk of unauthorized operations or information disclosure.
CVE-2016-9263 Vulnerability in wordpress (CVE-2016-9263)
vulnerability in wordpress (CVE-2016-9263). Risk of unauthorized operations or information disclosure.
CVE-2015-2673 Vulnerability in wordpress (CVE-2015-2673)
vulnerability in wordpress (CVE-2015-2673). Successful exploitation can lead to full system takeover.
CVE-2017-15079 Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
CVE-2014-7240 Cross-Site Scripting (XSS) in wordpress (CVE-2014-7240)
cross-site scripting in wordpress (CVE-2014-7240). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →