Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-17059 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17059)
cross-site scripting in wordpress (CVE-2017-17059). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17058 |
|
Path Traversal in wordpress (CVE-2017-17058)
path traversal in wordpress (CVE-2017-17058). Confidential information can be exposed externally.
|
| CVE-2017-17043 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17043)
cross-site scripting in wordpress (CVE-2017-17043). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16955 |
|
SQL Injection in wordpress (CVE-2017-16955)
SQL injection in wordpress (CVE-2017-16955). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000227 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000227)
cross-site scripting in wordpress (CVE-2017-1000227). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16870 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-16870)
SSRF in wordpress (CVE-2017-16870). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16871 |
|
Code Injection in wordpress (CVE-2017-16871)
code injection in wordpress (CVE-2017-16871). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000224 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-1000224)
vulnerability in wordpress (CVE-2017-1000224). Data can be tampered with by attackers.
|
| CVE-2017-16842 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-16842)
cross-site scripting in wordpress (CVE-2017-16842). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16815 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-16815)
cross-site scripting in wordpress (CVE-2017-16815). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16562 |
|
Authentication Bypass in wordpress (CVE-2017-16562)
authentication bypass in wordpress (CVE-2017-16562). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16633 |
|
Information Disclosure in joomla (CVE-2017-16633)
vulnerability in joomla (CVE-2017-16633). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16634 |
|
Authentication Bypass in joomla (CVE-2017-16634)
authentication bypass in joomla (CVE-2017-16634). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16758 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-16758)
cross-site scripting in wordpress (CVE-2017-16758). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7878 |
|
Cross-Site Scripting (XSS) in drupal (CVE-2015-7878)
cross-site scripting in drupal (CVE-2015-7878). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16510 |
|
SQL Injection in wordpress (CVE-2017-16510)
SQL injection in wordpress (CVE-2017-16510). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15919 |
|
SQL Injection in wordpress (CVE-2017-15919)
SQL injection in wordpress (CVE-2017-15919). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15867 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15867)
cross-site scripting in wordpress (CVE-2017-15867). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15863 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15863)
cross-site scripting in wordpress (CVE-2017-15863). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5532 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-5532)
cross-site scripting in wordpress (CVE-2015-5532). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5533 |
|
SQL Injection in wordpress (CVE-2015-5533)
SQL injection in wordpress (CVE-2015-5533). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15810 |
|
Cross-Site Scripting (XSS) in csharp (CVE-2017-15810)
cross-site scripting in csharp (CVE-2017-15810). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15811 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15811)
cross-site scripting in wordpress (CVE-2017-15811). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15812 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15812)
cross-site scripting in wordpress (CVE-2017-15812). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15808 |
|
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
|
| CVE-2017-15809 |
|
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
|
| CVE-2017-15727 |
|
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
|
| CVE-2017-15728 |
|
Cross-Site Scripting (XSS) in phpmyfaq (CVE-2017-15728)
cross-site scripting in phpmyfaq (CVE-2017-15728). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15729 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
|
| CVE-2017-15730 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
|
| CVE-2017-15731 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
|
| CVE-2017-15732 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
|
| CVE-2017-15733 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15733)
vulnerability in csrf (CVE-2017-15733). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15734 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
|
| CVE-2017-15735 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
|
| CVE-2010-3659 |
|
Cross-Site Scripting (XSS) in typo3 (CVE-2010-3659)
cross-site scripting in typo3 (CVE-2010-3659). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-6668 |
|
Information Disclosure in wordpress (CVE-2015-6668)
vulnerability in wordpress (CVE-2015-6668). Confidential information can be exposed externally.
|
| CVE-2012-6707 |
|
Vulnerability in wordpress (CVE-2012-6707)
vulnerability in wordpress (CVE-2012-6707). Confidential information can be exposed externally.
|
| CVE-2015-5227 |
|
Vulnerability in wordpress (CVE-2015-5227)
vulnerability in wordpress (CVE-2015-5227). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7943 |
|
Open Redirect in drupal (CVE-2015-7943)
vulnerability in drupal (CVE-2015-7943). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8491 |
|
Information Disclosure in wordpress (CVE-2014-8491)
vulnerability in wordpress (CVE-2014-8491). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7806 |
|
Command Injection in wordpress (CVE-2015-7806)
command injection in wordpress (CVE-2015-7806). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8087 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8087)
cross-site scripting in wordpress (CVE-2014-8087). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8621 |
|
SQL Injection in wordpress (CVE-2014-8621)
SQL injection in wordpress (CVE-2014-8621). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15375 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15375)
cross-site scripting in wordpress (CVE-2017-15375). Risk of unauthorized operations or information disclosure. Exploitable via ``query``.
|
| CVE-2017-15374 |
|
Cross-Site Scripting (XSS) in shopware (CVE-2017-15374)
cross-site scripting in shopware (CVE-2017-15374). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9263 |
|
Vulnerability in wordpress (CVE-2016-9263)
vulnerability in wordpress (CVE-2016-9263). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-2673 |
|
Vulnerability in wordpress (CVE-2015-2673)
vulnerability in wordpress (CVE-2015-2673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15079 |
|
Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
|
| CVE-2014-7240 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-7240)
cross-site scripting in wordpress (CVE-2014-7240). Risk of unauthorized operations or information disclosure.
|