Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-15732 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
|
| CVE-2017-15733 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15733)
vulnerability in csrf (CVE-2017-15733). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15734 |
|
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
|
| CVE-2017-15736 |
|
Cross-Site Scripting (XSS) in spip (CVE-2017-15736)
cross-site scripting in spip (CVE-2017-15736). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12628 |
|
Unsafe Deserialization in apache (CVE-2017-12628)
vulnerability in apache (CVE-2017-12628). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15651 |
|
Vulnerability in paessler (CVE-2017-15651)
vulnerability in paessler (CVE-2017-15651). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15648 |
|
In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
|
| CVE-2017-15644 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-15644)
SSRF in ssrf (CVE-2017-15644). Confidential information can be exposed externally.
|
| CVE-2017-15645 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15645)
vulnerability in csrf (CVE-2017-15645). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15646 |
|
Cross-Site Scripting (XSS) in webmin (CVE-2017-15646)
cross-site scripting in webmin (CVE-2017-15646). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8748 |
|
Cross-Site Scripting (XSS) in apache (CVE-2016-8748)
cross-site scripting in apache (CVE-2016-8748). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5635 |
|
Authentication Bypass in apache (CVE-2017-5635)
authentication bypass in apache (CVE-2017-5635). Confidential information can be exposed externally.
|
| CVE-2017-5636 |
|
Vulnerability in apache (CVE-2017-5636)
vulnerability in apache (CVE-2017-5636). Successful exploitation can lead to full system takeover.
|
| CVE-2012-6707 |
|
Vulnerability in wordpress (CVE-2012-6707)
vulnerability in wordpress (CVE-2012-6707). Confidential information can be exposed externally.
|
| CVE-2017-10352 |
|
Vulnerability in c (CVE-2017-10352)
vulnerability in c (CVE-2017-10352). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10334 |
|
Information Disclosure in c (CVE-2017-10334)
vulnerability in c (CVE-2017-10334). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10336 |
|
Vulnerability in c (CVE-2017-10336)
vulnerability in c (CVE-2017-10336). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10152 |
|
Information Disclosure in c (CVE-2017-10152)
vulnerability in c (CVE-2017-10152). Confidential information can be exposed externally.
|
| CVE-2017-12289 |
|
Information Disclosure in cisco (CVE-2017-12289)
vulnerability in cisco (CVE-2017-12289). Confidential information can be exposed externally.
|
| CVE-2017-12301 |
|
Vulnerability in cisco (CVE-2017-12301)
vulnerability in cisco (CVE-2017-12301). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3883 |
|
Vulnerability in cisco (CVE-2017-3883)
vulnerability in cisco (CVE-2017-3883). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7714 |
|
SQL Injection in sqli (CVE-2015-7714)
SQL injection in sqli (CVE-2015-7714). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7715 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-7715)
vulnerability in csrf (CVE-2015-7715). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14322 |
|
Authentication Bypass in interspire (CVE-2017-14322)
authentication bypass in interspire (CVE-2017-14322). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14956 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14956)
vulnerability in csrf (CVE-2017-14956). Confidential information can be exposed externally.
|
| CVE-2015-1239 |
|
Vulnerability in dos (CVE-2015-1239)
vulnerability in dos (CVE-2015-1239). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8491 |
|
Information Disclosure in wordpress (CVE-2014-8491)
vulnerability in wordpress (CVE-2014-8491). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15578 |
|
SQL Injection in sqli (CVE-2017-15578)
SQL injection in sqli (CVE-2017-15578). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15579 |
|
SQL Injection in sqli (CVE-2017-15579)
SQL injection in sqli (CVE-2017-15579). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15539 |
|
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
|
| CVE-2017-15538 |
|
Cross-Site Scripting (XSS) in ilias (CVE-2017-15538)
cross-site scripting in ilias (CVE-2017-15538). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7806 |
|
Command Injection in wordpress (CVE-2015-7806)
command injection in wordpress (CVE-2015-7806). Successful exploitation can lead to full system takeover.
|
| CVE-2014-2664 |
|
Unrestricted File Upload in x2engine (CVE-2014-2664)
vulnerability in x2engine (CVE-2014-2664). Successful exploitation can lead to full system takeover.
|
| CVE-2017-0316 |
|
Vulnerability in dos (CVE-2017-0316)
vulnerability in dos (CVE-2017-0316). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7687 |
|
Use-After-Free in dos (CVE-2015-7687)
vulnerability in dos (CVE-2015-7687). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15384 |
|
rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action.
rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action.
|
| CVE-2017-15361 |
|
Vulnerability in infineon (CVE-2017-15361)
vulnerability in infineon (CVE-2017-15361). Confidential information can be exposed externally.
|
| CVE-2016-4461 |
|
Vulnerability in apache (CVE-2016-4461)
vulnerability in apache (CVE-2016-4461). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8087 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8087)
cross-site scripting in wordpress (CVE-2014-8087). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8621 |
|
SQL Injection in wordpress (CVE-2014-8621)
SQL injection in wordpress (CVE-2014-8621). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8734 |
|
Vulnerability in apache (CVE-2016-8734)
vulnerability in apache (CVE-2016-8734). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15373 |
|
SQL Injection in sqli (CVE-2017-15373)
SQL injection in sqli (CVE-2017-15373). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15362 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-15362)
cross-site scripting in csrf (CVE-2017-15362). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15363 |
|
Path Traversal in path-traversal (CVE-2017-15363)
path traversal in path-traversal (CVE-2017-15363). Confidential information can be exposed externally.
|
| CVE-2017-15360 |
|
Cross-Site Scripting (XSS) in paessler (CVE-2017-15360)
cross-site scripting in paessler (CVE-2017-15360). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15304 |
|
Vulnerability in airtame (CVE-2017-15304)
vulnerability in airtame (CVE-2017-15304). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15305 |
|
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.
|
| CVE-2017-12629 |
|
XXE (XML External Entity) in c (CVE-2017-12629)
vulnerability in c (CVE-2017-12629). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15298 |
|
Vulnerability in dos (CVE-2017-15298)
vulnerability in dos (CVE-2017-15298). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6815 |
|
Vulnerability in apache (CVE-2016-6815)
vulnerability in apache (CVE-2016-6815). Data can be tampered with by attackers.
|