Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cms Clear
ID Title
CVE-2017-7983 Information Disclosure in joomla (CVE-2017-7983)
vulnerability in joomla (CVE-2017-7983). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7984 Cross-Site Scripting (XSS) in joomla (CVE-2017-7984)
cross-site scripting in joomla (CVE-2017-7984). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7985 Cross-Site Scripting (XSS) in joomla (CVE-2017-7985)
cross-site scripting in joomla (CVE-2017-7985). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7986 Cross-Site Scripting (XSS) in joomla (CVE-2017-7986)
cross-site scripting in joomla (CVE-2017-7986). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7987 Cross-Site Scripting (XSS) in joomla (CVE-2017-7987)
cross-site scripting in joomla (CVE-2017-7987). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7988 Vulnerability in joomla (CVE-2017-7988)
vulnerability in joomla (CVE-2017-7988). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7989 Unrestricted File Upload in joomla (CVE-2017-7989)
vulnerability in joomla (CVE-2017-7989). Data can be tampered with by attackers. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-8057 Information Disclosure in joomla (CVE-2017-8057)
vulnerability in joomla (CVE-2017-8057). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7723 XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.
XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.
CVE-2017-8099 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8099)
vulnerability in wordpress (CVE-2017-8099). Data can be tampered with by attackers.
CVE-2017-8100 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8100)
vulnerability in wordpress (CVE-2017-8100). Data can be tampered with by attackers.
CVE-2016-3109 Vulnerability in shopware (CVE-2016-3109)
vulnerability in shopware (CVE-2016-3109). Successful exploitation can lead to full system takeover.
CVE-2017-6919 Vulnerability in drupal (CVE-2017-6919)
vulnerability in drupal (CVE-2017-6919). Successful exploitation can lead to full system takeover.
CVE-2017-7719 SQL Injection in wordpress (CVE-2017-7719)
SQL injection in wordpress (CVE-2017-7719). Successful exploitation can lead to full system takeover.
CVE-2017-7579 inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.
inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.
CVE-2017-1001000 Vulnerability in wordpress (CVE-2017-1001000)
vulnerability in wordpress (CVE-2017-1001000). Data can be tampered with by attackers.
CVE-2017-6370 Vulnerability in typo3 (CVE-2017-6370)
vulnerability in typo3 (CVE-2017-6370). Risk of unauthorized operations or information disclosure.
CVE-2017-6954 Privilege Escalation in wordpress (CVE-2017-6954)
vulnerability in wordpress (CVE-2017-6954). Risk of unauthorized operations or information disclosure.
CVE-2017-6955 Vulnerability in wordpress (CVE-2017-6955)
vulnerability in wordpress (CVE-2017-6955). Risk of unauthorized operations or information disclosure.
CVE-2016-0770 Cross-Site Scripting (XSS) in wordpress (CVE-2016-0770)
cross-site scripting in wordpress (CVE-2016-0770). Risk of unauthorized operations or information disclosure.
CVE-2017-6377 Authorization Flaw in drupal (CVE-2017-6377)
vulnerability in drupal (CVE-2017-6377). Data can be tampered with by attackers.
CVE-2017-6379 Cross-Site Request Forgery (CSRF) in drupal (CVE-2017-6379)
vulnerability in drupal (CVE-2017-6379). Successful exploitation can lead to full system takeover.
CVE-2017-6381 Vulnerability in drupal (CVE-2017-6381)
vulnerability in drupal (CVE-2017-6381). Successful exploitation can lead to full system takeover.
CVE-2017-6814 Cross-Site Scripting (XSS) in wordpress (CVE-2017-6814)
cross-site scripting in wordpress (CVE-2017-6814). Risk of unauthorized operations or information disclosure.
CVE-2017-6815 Vulnerability in wordpress (CVE-2017-6815)
vulnerability in wordpress (CVE-2017-6815). Risk of unauthorized operations or information disclosure.
CVE-2017-6816 Authorization Flaw in wordpress (CVE-2017-6816)
vulnerability in wordpress (CVE-2017-6816). Data can be tampered with by attackers.
CVE-2017-6817 Cross-Site Scripting (XSS) in wordpress (CVE-2017-6817)
cross-site scripting in wordpress (CVE-2017-6817). Risk of unauthorized operations or information disclosure.
CVE-2017-6818 Cross-Site Scripting (XSS) in wordpress (CVE-2017-6818)
cross-site scripting in wordpress (CVE-2017-6818). Risk of unauthorized operations or information disclosure.
CVE-2017-6819 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-6819)
vulnerability in wordpress (CVE-2017-6819). Risk of unauthorized operations or information disclosure.
CVE-2017-6570 SQL Injection in wordpress (CVE-2017-6570)
SQL injection in wordpress (CVE-2017-6570). Successful exploitation can lead to full system takeover.
CVE-2017-6571 SQL Injection in wordpress (CVE-2017-6571)
SQL injection in wordpress (CVE-2017-6571). Successful exploitation can lead to full system takeover.
CVE-2017-6572 SQL Injection in wordpress (CVE-2017-6572)
SQL injection in wordpress (CVE-2017-6572). Successful exploitation can lead to full system takeover.
CVE-2017-6573 SQL Injection in wordpress (CVE-2017-6573)
SQL injection in wordpress (CVE-2017-6573). Successful exploitation can lead to full system takeover.
CVE-2017-6574 SQL Injection in wordpress (CVE-2017-6574)
SQL injection in wordpress (CVE-2017-6574). Successful exploitation can lead to full system takeover.
CVE-2017-6575 SQL Injection in wordpress (CVE-2017-6575)
SQL injection in wordpress (CVE-2017-6575). Successful exploitation can lead to full system takeover.
CVE-2017-6576 SQL Injection in wordpress (CVE-2017-6576)
SQL injection in wordpress (CVE-2017-6576). Successful exploitation can lead to full system takeover.
CVE-2017-6577 SQL Injection in wordpress (CVE-2017-6577)
SQL injection in wordpress (CVE-2017-6577). Successful exploitation can lead to full system takeover.
CVE-2017-6578 SQL Injection in wordpress (CVE-2017-6578)
SQL injection in wordpress (CVE-2017-6578). Successful exploitation can lead to full system takeover.
CVE-2017-6102 Persistent XSS in wordpress plugin rockhoist-badges v1.2.2.
Persistent XSS in wordpress plugin rockhoist-badges v1.2.2.
CVE-2017-6103 Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1.
Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1.
CVE-2017-6104 Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
CVE-2016-6485 Vulnerability in magento (CVE-2016-6485)
vulnerability in magento (CVE-2016-6485). Confidential information can be exposed externally.
CVE-2017-6095 SQL Injection in wordpress (CVE-2017-6095)
SQL injection in wordpress (CVE-2017-6095). Successful exploitation can lead to full system takeover.
CVE-2017-6096 SQL Injection in wordpress (CVE-2017-6096)
SQL injection in wordpress (CVE-2017-6096). Successful exploitation can lead to full system takeover.
CVE-2017-6097 SQL Injection in wordpress (CVE-2017-6097)
SQL injection in wordpress (CVE-2017-6097). Successful exploitation can lead to full system takeover.
CVE-2017-6098 SQL Injection in wordpress (CVE-2017-6098)
SQL injection in wordpress (CVE-2017-6098). Successful exploitation can lead to full system takeover.
CVE-2017-5942 Cross-Site Scripting (XSS) in wordpress (CVE-2017-5942)
cross-site scripting in wordpress (CVE-2017-5942). Risk of unauthorized operations or information disclosure.
CVE-2017-5610 Information Disclosure in wordpress (CVE-2017-5610)
vulnerability in wordpress (CVE-2017-5610). Risk of unauthorized operations or information disclosure.
CVE-2017-5611 SQL Injection in wordpress (CVE-2017-5611)
SQL injection in wordpress (CVE-2017-5611). Successful exploitation can lead to full system takeover.
CVE-2017-5612 Cross-Site Scripting (XSS) in wordpress (CVE-2017-5612)
cross-site scripting in wordpress (CVE-2017-5612). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →