Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-5227 |
|
Vulnerability in wordpress (CVE-2015-5227)
vulnerability in wordpress (CVE-2015-5227). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7943 |
|
Open Redirect in drupal (CVE-2015-7943)
vulnerability in drupal (CVE-2015-7943). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8491 |
|
Information Disclosure in wordpress (CVE-2014-8491)
vulnerability in wordpress (CVE-2014-8491). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-7813 |
|
Vulnerability in rails (CVE-2014-7813)
vulnerability in rails (CVE-2014-7813). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7806 |
|
Command Injection in wordpress (CVE-2015-7806)
command injection in wordpress (CVE-2015-7806). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4461 |
|
Vulnerability in apache (CVE-2016-4461)
vulnerability in apache (CVE-2016-4461). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8087 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8087)
cross-site scripting in wordpress (CVE-2014-8087). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8621 |
|
SQL Injection in wordpress (CVE-2014-8621)
SQL injection in wordpress (CVE-2014-8621). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8734 |
|
Vulnerability in apache (CVE-2016-8734)
vulnerability in apache (CVE-2016-8734). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15375 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15375)
cross-site scripting in wordpress (CVE-2017-15375). Risk of unauthorized operations or information disclosure. Exploitable via ``query``.
|
| CVE-2017-12629 |
|
XXE (XML External Entity) in c (CVE-2017-12629)
vulnerability in c (CVE-2017-12629). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10619 |
|
Vulnerability in express (CVE-2017-10619)
vulnerability in express (CVE-2017-10619). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6815 |
|
Vulnerability in apache (CVE-2016-6815)
vulnerability in apache (CVE-2016-6815). Data can be tampered with by attackers.
|
| CVE-2016-8736 |
|
Unsafe Deserialization in apache (CVE-2016-8736)
vulnerability in apache (CVE-2016-8736). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9263 |
|
Vulnerability in wordpress (CVE-2016-9263)
vulnerability in wordpress (CVE-2016-9263). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12623 |
|
XXE (XML External Entity) in apache (CVE-2017-12623)
vulnerability in apache (CVE-2017-12623). Confidential information can be exposed externally.
|
| CVE-2017-5637 |
|
Vulnerability in apache (CVE-2017-5637)
vulnerability in apache (CVE-2017-5637). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.4.10` or later.
|
| CVE-2014-0030 |
|
XXE (XML External Entity) in apache (CVE-2014-0030)
vulnerability in apache (CVE-2014-0030). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2673 |
|
Vulnerability in wordpress (CVE-2015-2673)
vulnerability in wordpress (CVE-2015-2673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15079 |
|
Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
|
| CVE-2014-7240 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-7240)
cross-site scripting in wordpress (CVE-2014-7240). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8492 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8492)
cross-site scripting in wordpress (CVE-2014-8492). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8758 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8758)
cross-site scripting in wordpress (CVE-2014-8758). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9792 |
|
Vulnerability in apache (CVE-2017-9792)
vulnerability in apache (CVE-2017-9792). Data can be tampered with by attackers.
|
| CVE-2017-14990 |
|
Vulnerability in wordpress (CVE-2017-14990)
vulnerability in wordpress (CVE-2017-14990). Confidential information can be exposed externally.
|
| CVE-2017-9797 |
|
Information Disclosure in apache (CVE-2017-9797)
vulnerability in apache (CVE-2017-9797). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14848 |
|
SQL Injection in wordpress (CVE-2017-14848)
SQL injection in wordpress (CVE-2017-14848). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12620 |
|
XXE (XML External Entity) in apache (CVE-2017-12620)
vulnerability in apache (CVE-2017-12620). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7357 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-7357)
cross-site scripting in wordpress (CVE-2015-7357). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7980 |
|
Cross-Site Scripting (XSS) in drupal (CVE-2015-7980)
cross-site scripting in drupal (CVE-2015-7980). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-0043 |
|
Information Disclosure in apache (CVE-2014-0043)
vulnerability in apache (CVE-2014-0043). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6806 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2016-6806)
vulnerability in apache (CVE-2016-6806). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2017-9794 |
|
Information Disclosure in apache (CVE-2017-9794)
vulnerability in apache (CVE-2017-9794). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13986 |
|
Cross-Site Scripting (XSS) in express (CVE-2017-13986)
cross-site scripting in express (CVE-2017-13986). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13987 |
|
Vulnerability in express (CVE-2017-13987)
vulnerability in express (CVE-2017-13987). Confidential information can be exposed externally.
|
| CVE-2017-13988 |
|
Vulnerability in express (CVE-2017-13988)
vulnerability in express (CVE-2017-13988). Data can be tampered with by attackers.
|
| CVE-2017-13989 |
|
Vulnerability in express (CVE-2017-13989)
vulnerability in express (CVE-2017-13989). Confidential information can be exposed externally.
|
| CVE-2017-13990 |
|
Information Disclosure in express (CVE-2017-13990)
vulnerability in express (CVE-2017-13990). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13991 |
|
Information Disclosure in express (CVE-2017-13991)
vulnerability in express (CVE-2017-13991). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-9233 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
|
| CVE-2015-9234 |
|
SQL Injection in wordpress (CVE-2015-9234)
SQL injection in wordpress (CVE-2015-9234). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4434 |
|
XXE (XML External Entity) in apache (CVE-2016-4434)
vulnerability in apache (CVE-2016-4434). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7687 |
|
Vulnerability in apache (CVE-2017-7687)
vulnerability in apache (CVE-2017-7687). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9790 |
|
Use-After-Free in apache (CVE-2017-9790)
vulnerability in apache (CVE-2017-9790). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14507 |
|
SQL Injection in wordpress (CVE-2017-14507)
SQL injection in wordpress (CVE-2017-14507). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14842 |
|
SQL Injection in wordpress (CVE-2017-14842)
SQL injection in wordpress (CVE-2017-14842). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14843 |
|
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14844 |
|
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
|
| CVE-2017-14845 |
|
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14846 |
|
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
|