Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2017-15732 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
CVE-2017-15733 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15733)
vulnerability in csrf (CVE-2017-15733). Successful exploitation can lead to full system takeover.
CVE-2017-15734 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
CVE-2017-15736 Cross-Site Scripting (XSS) in spip (CVE-2017-15736)
cross-site scripting in spip (CVE-2017-15736). Risk of unauthorized operations or information disclosure.
CVE-2017-12628 Unsafe Deserialization in apache (CVE-2017-12628)
vulnerability in apache (CVE-2017-12628). Successful exploitation can lead to full system takeover.
CVE-2017-15651 Vulnerability in paessler (CVE-2017-15651)
vulnerability in paessler (CVE-2017-15651). Successful exploitation can lead to full system takeover.
CVE-2017-15648 In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
In PHPSUGAR PHP Melody before 2.7.3, page_manager.php has XSS via the page_title parameter.
CVE-2017-15644 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-15644)
SSRF in ssrf (CVE-2017-15644). Confidential information can be exposed externally.
CVE-2017-15645 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15645)
vulnerability in csrf (CVE-2017-15645). Successful exploitation can lead to full system takeover.
CVE-2017-15646 Cross-Site Scripting (XSS) in webmin (CVE-2017-15646)
cross-site scripting in webmin (CVE-2017-15646). Risk of unauthorized operations or information disclosure.
CVE-2016-8748 Cross-Site Scripting (XSS) in apache (CVE-2016-8748)
cross-site scripting in apache (CVE-2016-8748). Risk of unauthorized operations or information disclosure.
CVE-2017-5635 Authentication Bypass in apache (CVE-2017-5635)
authentication bypass in apache (CVE-2017-5635). Confidential information can be exposed externally.
CVE-2017-5636 Vulnerability in apache (CVE-2017-5636)
vulnerability in apache (CVE-2017-5636). Successful exploitation can lead to full system takeover.
CVE-2012-6707 Vulnerability in wordpress (CVE-2012-6707)
vulnerability in wordpress (CVE-2012-6707). Confidential information can be exposed externally.
CVE-2017-10352 Vulnerability in c (CVE-2017-10352)
vulnerability in c (CVE-2017-10352). Risk of unauthorized operations or information disclosure.
CVE-2017-10334 Information Disclosure in c (CVE-2017-10334)
vulnerability in c (CVE-2017-10334). Risk of unauthorized operations or information disclosure.
CVE-2017-10336 Vulnerability in c (CVE-2017-10336)
vulnerability in c (CVE-2017-10336). Risk of unauthorized operations or information disclosure.
CVE-2017-10152 Information Disclosure in c (CVE-2017-10152)
vulnerability in c (CVE-2017-10152). Confidential information can be exposed externally.
CVE-2017-12289 Information Disclosure in cisco (CVE-2017-12289)
vulnerability in cisco (CVE-2017-12289). Confidential information can be exposed externally.
CVE-2017-12301 Vulnerability in cisco (CVE-2017-12301)
vulnerability in cisco (CVE-2017-12301). Successful exploitation can lead to full system takeover.
CVE-2017-3883 Vulnerability in cisco (CVE-2017-3883)
vulnerability in cisco (CVE-2017-3883). Risk of unauthorized operations or information disclosure.
CVE-2015-7714 SQL Injection in sqli (CVE-2015-7714)
SQL injection in sqli (CVE-2015-7714). Successful exploitation can lead to full system takeover.
CVE-2015-7715 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-7715)
vulnerability in csrf (CVE-2015-7715). Successful exploitation can lead to full system takeover.
CVE-2017-14322 Authentication Bypass in interspire (CVE-2017-14322)
authentication bypass in interspire (CVE-2017-14322). Successful exploitation can lead to full system takeover.
CVE-2017-14956 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14956)
vulnerability in csrf (CVE-2017-14956). Confidential information can be exposed externally.
CVE-2015-1239 Vulnerability in dos (CVE-2015-1239)
vulnerability in dos (CVE-2015-1239). Risk of unauthorized operations or information disclosure.
CVE-2014-8491 Information Disclosure in wordpress (CVE-2014-8491)
vulnerability in wordpress (CVE-2014-8491). Risk of unauthorized operations or information disclosure.
CVE-2017-15578 SQL Injection in sqli (CVE-2017-15578)
SQL injection in sqli (CVE-2017-15578). Successful exploitation can lead to full system takeover.
CVE-2017-15579 SQL Injection in sqli (CVE-2017-15579)
SQL injection in sqli (CVE-2017-15579). Successful exploitation can lead to full system takeover.
CVE-2017-15539 SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
SQL Injection exists in zorovavi/blog through 2017-10-17 via the id parameter to recept.php.
CVE-2017-15538 Cross-Site Scripting (XSS) in ilias (CVE-2017-15538)
cross-site scripting in ilias (CVE-2017-15538). Risk of unauthorized operations or information disclosure.
CVE-2015-7806 Command Injection in wordpress (CVE-2015-7806)
command injection in wordpress (CVE-2015-7806). Successful exploitation can lead to full system takeover.
CVE-2014-2664 Unrestricted File Upload in x2engine (CVE-2014-2664)
vulnerability in x2engine (CVE-2014-2664). Successful exploitation can lead to full system takeover.
CVE-2017-0316 Vulnerability in dos (CVE-2017-0316)
vulnerability in dos (CVE-2017-0316). Successful exploitation can lead to full system takeover.
CVE-2015-7687 Use-After-Free in dos (CVE-2015-7687)
vulnerability in dos (CVE-2015-7687). Successful exploitation can lead to full system takeover.
CVE-2017-15384 rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action.
rate-me.php in Rate Me 1.0 has XSS via the id field in a rate action.
CVE-2017-15361 Vulnerability in infineon (CVE-2017-15361)
vulnerability in infineon (CVE-2017-15361). Confidential information can be exposed externally.
CVE-2016-4461 Vulnerability in apache (CVE-2016-4461)
vulnerability in apache (CVE-2016-4461). Successful exploitation can lead to full system takeover.
CVE-2014-8087 Cross-Site Scripting (XSS) in wordpress (CVE-2014-8087)
cross-site scripting in wordpress (CVE-2014-8087). Risk of unauthorized operations or information disclosure.
CVE-2014-8621 SQL Injection in wordpress (CVE-2014-8621)
SQL injection in wordpress (CVE-2014-8621). Successful exploitation can lead to full system takeover.
CVE-2016-8734 Vulnerability in apache (CVE-2016-8734)
vulnerability in apache (CVE-2016-8734). Risk of unauthorized operations or information disclosure.
CVE-2017-15373 SQL Injection in sqli (CVE-2017-15373)
SQL injection in sqli (CVE-2017-15373). Successful exploitation can lead to full system takeover.
CVE-2017-15362 Cross-Site Scripting (XSS) in csrf (CVE-2017-15362)
cross-site scripting in csrf (CVE-2017-15362). Risk of unauthorized operations or information disclosure.
CVE-2017-15363 Path Traversal in path-traversal (CVE-2017-15363)
path traversal in path-traversal (CVE-2017-15363). Confidential information can be exposed externally.
CVE-2017-15360 Cross-Site Scripting (XSS) in paessler (CVE-2017-15360)
cross-site scripting in paessler (CVE-2017-15360). Risk of unauthorized operations or information disclosure.
CVE-2017-15304 Vulnerability in airtame (CVE-2017-15304)
vulnerability in airtame (CVE-2017-15304). Successful exploitation can lead to full system takeover.
CVE-2017-15305 XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.
XSS exists in NexusPHP 1.5 via the keyword parameter to messages.php.
CVE-2017-12629 XXE (XML External Entity) in c (CVE-2017-12629)
vulnerability in c (CVE-2017-12629). Successful exploitation can lead to full system takeover.
CVE-2017-15298 Vulnerability in dos (CVE-2017-15298)
vulnerability in dos (CVE-2017-15298). Risk of unauthorized operations or information disclosure.
CVE-2016-6815 Vulnerability in apache (CVE-2016-6815)
vulnerability in apache (CVE-2016-6815). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →