Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2017-1002001 Unrestricted File Upload in wordpress (CVE-2017-1002001)
vulnerability in wordpress (CVE-2017-1002001). Successful exploitation can lead to full system takeover.
CVE-2017-1002002 Unrestricted File Upload in wordpress (CVE-2017-1002002)
vulnerability in wordpress (CVE-2017-1002002). Successful exploitation can lead to full system takeover.
CVE-2017-1002003 Unrestricted File Upload in wordpress (CVE-2017-1002003)
vulnerability in wordpress (CVE-2017-1002003). Successful exploitation can lead to full system takeover.
CVE-2017-1002004 SQL Injection in wordpress (CVE-2017-1002004)
SQL injection in wordpress (CVE-2017-1002004). Data can be tampered with by attackers.
CVE-2017-1002005 SQL Injection in wordpress (CVE-2017-1002005)
SQL injection in wordpress (CVE-2017-1002005). Data can be tampered with by attackers.
CVE-2017-1002006 Vulnerability in wordpress (CVE-2017-1002006)
vulnerability in wordpress (CVE-2017-1002006). Data can be tampered with by attackers.
CVE-2017-1002007 Vulnerability in wordpress (CVE-2017-1002007)
vulnerability in wordpress (CVE-2017-1002007). Data can be tampered with by attackers.
CVE-2017-1002008 Unrestricted File Upload in wordpress (CVE-2017-1002008)
vulnerability in wordpress (CVE-2017-1002008). Successful exploitation can lead to full system takeover.
CVE-2017-1002009 SQL Injection in wordpress (CVE-2017-1002009)
SQL injection in wordpress (CVE-2017-1002009). Successful exploitation can lead to full system takeover.
CVE-2017-1002010 SQL Injection in wordpress (CVE-2017-1002010)
SQL injection in wordpress (CVE-2017-1002010). Successful exploitation can lead to full system takeover.
CVE-2017-1002011 Cross-Site Scripting (XSS) in wordpress (CVE-2017-1002011)
cross-site scripting in wordpress (CVE-2017-1002011). Risk of unauthorized operations or information disclosure.
CVE-2017-1002012 SQL Injection in wordpress (CVE-2017-1002012)
SQL injection in wordpress (CVE-2017-1002012). Successful exploitation can lead to full system takeover.
CVE-2017-1002013 SQL Injection in wordpress (CVE-2017-1002013)
SQL injection in wordpress (CVE-2017-1002013). Successful exploitation can lead to full system takeover.
CVE-2017-1002014 SQL Injection in wordpress (CVE-2017-1002014)
SQL injection in wordpress (CVE-2017-1002014). Successful exploitation can lead to full system takeover.
CVE-2017-1002015 SQL Injection in wordpress (CVE-2017-1002015)
SQL injection in wordpress (CVE-2017-1002015). Successful exploitation can lead to full system takeover.
CVE-2017-1002016 Unrestricted File Upload in wordpress (CVE-2017-1002016)
vulnerability in wordpress (CVE-2017-1002016). Successful exploitation can lead to full system takeover.
CVE-2017-1002017 Cross-Site Scripting (XSS) in wordpress (CVE-2017-1002017)
cross-site scripting in wordpress (CVE-2017-1002017). Risk of unauthorized operations or information disclosure.
CVE-2017-1002018 SQL Injection in wordpress (CVE-2017-1002018)
SQL injection in wordpress (CVE-2017-1002018). Successful exploitation can lead to full system takeover.
CVE-2017-1002019 SQL Injection in wordpress (CVE-2017-1002019)
SQL injection in wordpress (CVE-2017-1002019). Successful exploitation can lead to full system takeover.
CVE-2017-1002020 SQL Injection in wordpress (CVE-2017-1002020)
SQL injection in wordpress (CVE-2017-1002020). Successful exploitation can lead to full system takeover.
CVE-2017-1002021 SQL Injection in wordpress (CVE-2017-1002021)
SQL injection in wordpress (CVE-2017-1002021). Successful exploitation can lead to full system takeover.
CVE-2015-2749 Open Redirect in drupal (CVE-2015-2749)
vulnerability in drupal (CVE-2015-2749). Risk of unauthorized operations or information disclosure.
CVE-2015-2750 Open Redirect in drupal (CVE-2015-2750)
vulnerability in drupal (CVE-2015-2750). Risk of unauthorized operations or information disclosure.
CVE-2015-7880 Information Disclosure in drupal (CVE-2015-7880)
vulnerability in drupal (CVE-2015-7880). Risk of unauthorized operations or information disclosure.
CVE-2015-5168 Vulnerability in apache (CVE-2015-5168)
vulnerability in apache (CVE-2015-5168). Successful exploitation can lead to full system takeover.
CVE-2015-5206 Vulnerability in apache (CVE-2015-5206)
vulnerability in apache (CVE-2015-5206). Successful exploitation can lead to full system takeover.
CVE-2016-8737 Cross-Site Request Forgery (CSRF) in apache (CVE-2016-8737)
vulnerability in apache (CVE-2016-8737). Successful exploitation can lead to full system takeover.
CVE-2016-8744 Unsafe Deserialization in apache (CVE-2016-8744)
vulnerability in apache (CVE-2016-8744). Successful exploitation can lead to full system takeover.
CVE-2017-12612 Unsafe Deserialization in apache (CVE-2017-12612)
vulnerability in apache (CVE-2017-12612). Successful exploitation can lead to full system takeover.
CVE-2017-3165 Cross-Site Scripting (XSS) in apache (CVE-2017-3165)
cross-site scripting in apache (CVE-2017-3165). Risk of unauthorized operations or information disclosure.
CVE-2015-9229 Cross-Site Scripting (XSS) in wordpress (CVE-2015-9229)
cross-site scripting in wordpress (CVE-2015-9229). Risk of unauthorized operations or information disclosure.
CVE-2015-9230 Cross-Site Scripting (XSS) in wordpress (CVE-2015-9230)
cross-site scripting in wordpress (CVE-2015-9230). Risk of unauthorized operations or information disclosure.
CVE-2014-9634 Vulnerability in tomcat (CVE-2014-9634)
vulnerability in tomcat (CVE-2014-9634). Risk of unauthorized operations or information disclosure.
CVE-2014-9635 Vulnerability in tomcat (CVE-2014-9635)
vulnerability in tomcat (CVE-2014-9635). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
CVE-2015-9228 Unrestricted File Upload in wordpress (CVE-2015-9228)
vulnerability in wordpress (CVE-2015-9228). Successful exploitation can lead to full system takeover.
CVE-2017-14313 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14313)
cross-site scripting in wordpress (CVE-2017-14313). Risk of unauthorized operations or information disclosure.
CVE-2015-8350 Cross-Site Scripting (XSS) in wordpress (CVE-2015-8350)
cross-site scripting in wordpress (CVE-2015-8350). Risk of unauthorized operations or information disclosure.
CVE-2015-8351 Code Injection in wordpress (CVE-2015-8351)
code injection in wordpress (CVE-2015-8351). Successful exploitation can lead to full system takeover.
CVE-2015-8353 Cross-Site Scripting (XSS) in wordpress (CVE-2015-8353)
cross-site scripting in wordpress (CVE-2015-8353). Risk of unauthorized operations or information disclosure.
CVE-2015-8354 Cross-Site Scripting (XSS) in wordpress (CVE-2015-8354)
cross-site scripting in wordpress (CVE-2015-8354). Risk of unauthorized operations or information disclosure.
CVE-2015-7877 SQL Injection in drupal (CVE-2015-7877)
SQL injection in drupal (CVE-2015-7877). Successful exploitation can lead to full system takeover.
CVE-2015-7879 Cross-Site Scripting (XSS) in drupal (CVE-2015-7879)
cross-site scripting in drupal (CVE-2015-7879). Risk of unauthorized operations or information disclosure.
CVE-2015-3313 SQL injection vulnerability in WordPress Community Events plugin before 1.4.
SQL injection vulnerability in WordPress Community Events plugin before 1.4.
CVE-2015-3314 SQL injection vulnerability in WordPress Tune Library plugin before 1.5.5.
SQL injection vulnerability in WordPress Tune Library plugin before 1.5.5.
CVE-2015-4697 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4697)
vulnerability in wordpress (CVE-2015-4697). Successful exploitation can lead to full system takeover.
CVE-2015-4085 Path Traversal in express (CVE-2015-4085)
path traversal in express (CVE-2015-4085). Confidential information can be exposed externally.
CVE-2017-9834 SQL Injection in wordpress (CVE-2017-9834)
SQL injection in wordpress (CVE-2017-9834). Successful exploitation can lead to full system takeover.
CVE-2017-12794 Cross-Site Scripting (XSS) in django (CVE-2017-12794)
cross-site scripting in django (CVE-2017-12794). Risk of unauthorized operations or information disclosure.
CVE-2015-3250 Information Disclosure in apache (CVE-2015-3250)
vulnerability in apache (CVE-2015-3250). Confidential information can be exposed externally.
CVE-2016-3086 Information Disclosure in apache (CVE-2016-3086)
vulnerability in apache (CVE-2016-3086). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →