Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2017-14126 The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
CVE-2016-5001 Information Disclosure in apache (CVE-2016-5001)
vulnerability in apache (CVE-2016-5001). Confidential information can be exposed externally.
CVE-2016-4462 Vulnerability in apache (CVE-2016-4462)
vulnerability in apache (CVE-2016-4462). Successful exploitation can lead to full system takeover.
CVE-2016-6800 Cross-Site Scripting (XSS) in apache (CVE-2016-6800)
cross-site scripting in apache (CVE-2016-6800). Risk of unauthorized operations or information disclosure.
CVE-2017-3163 Path Traversal in apache (CVE-2017-3163)
path traversal in apache (CVE-2017-3163). Confidential information can be exposed externally.
CVE-2016-8752 Vulnerability in apache (CVE-2016-8752)
vulnerability in apache (CVE-2016-8752). Confidential information can be exposed externally.
CVE-2017-3150 Cross-Site Scripting (XSS) in apache (CVE-2017-3150)
cross-site scripting in apache (CVE-2017-3150). Risk of unauthorized operations or information disclosure.
CVE-2017-3151 Cross-Site Scripting (XSS) in apache (CVE-2017-3151)
cross-site scripting in apache (CVE-2017-3151). Risk of unauthorized operations or information disclosure.
CVE-2017-3152 Cross-Site Scripting (XSS) in apache (CVE-2017-3152)
cross-site scripting in apache (CVE-2017-3152). Risk of unauthorized operations or information disclosure.
CVE-2017-3153 Cross-Site Scripting (XSS) in apache (CVE-2017-3153)
cross-site scripting in apache (CVE-2017-3153). Risk of unauthorized operations or information disclosure.
CVE-2017-3154 Information Disclosure in apache (CVE-2017-3154)
vulnerability in apache (CVE-2017-3154). Confidential information can be exposed externally.
CVE-2017-3155 Cross-Site Scripting (XSS) in apache (CVE-2017-3155)
cross-site scripting in apache (CVE-2017-3155). Risk of unauthorized operations or information disclosure.
CVE-2015-7517 SQL Injection in wordpress (CVE-2015-7517)
SQL injection in wordpress (CVE-2015-7517). Successful exploitation can lead to full system takeover.
CVE-2015-5209 Vulnerability in apache (CVE-2015-5209)
vulnerability in apache (CVE-2015-5209). Data can be tampered with by attackers.
CVE-2015-0101 Cross-Site Scripting (XSS) in express (CVE-2015-0101)
cross-site scripting in express (CVE-2015-0101). Risk of unauthorized operations or information disclosure.
CVE-2017-13137 The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
CVE-2017-13138 Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
CVE-2016-4460 Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
CVE-2017-12977 SQL Injection in wordpress (CVE-2017-12977)
SQL injection in wordpress (CVE-2017-12977). Successful exploitation can lead to full system takeover.
CVE-2017-12946 SQL Injection in wordpress (CVE-2017-12946)
SQL injection in wordpress (CVE-2017-12946). Successful exploitation can lead to full system takeover.
CVE-2017-12947 SQL Injection in wordpress (CVE-2017-12947)
SQL injection in wordpress (CVE-2017-12947). Successful exploitation can lead to full system takeover.
CVE-2017-12948 Cross-Site Scripting (XSS) in wordpress (CVE-2017-12948)
cross-site scripting in wordpress (CVE-2017-12948). Risk of unauthorized operations or information disclosure.
CVE-2017-12949 SQL Injection in wordpress (CVE-2017-12949)
SQL injection in wordpress (CVE-2017-12949). Successful exploitation can lead to full system takeover.
CVE-2015-5057 Cross-Site Scripting (XSS) in wordpress (CVE-2015-5057)
cross-site scripting in wordpress (CVE-2015-5057). Risk of unauthorized operations or information disclosure.
CVE-2015-5081 Cross-Site Request Forgery (CSRF) in django-cms (CVE-2015-5081)
vulnerability in django-cms (CVE-2015-5081). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `f77cbc607d6e2a62e63287d37ad320109a2cc78a, 3.0.14, 3.1.1` or later.
CVE-2017-9802 Cross-Site Scripting (XSS) in apache (CVE-2017-9802)
cross-site scripting in apache (CVE-2017-9802). Risk of unauthorized operations or information disclosure.
CVE-2017-9800 Vulnerability in apache (CVE-2017-9800)
vulnerability in apache (CVE-2017-9800). Successful exploitation can lead to full system takeover.
CVE-2016-6796 Vulnerability in apache (CVE-2016-6796)
vulnerability in apache (CVE-2016-6796). Data can be tampered with by attackers.
CVE-2017-7674 Vulnerability in apache (CVE-2017-7674)
vulnerability in apache (CVE-2017-7674). Risk of unauthorized operations or information disclosure.
CVE-2017-7675 Path Traversal in apache (CVE-2017-7675)
path traversal in apache (CVE-2017-7675). Confidential information can be exposed externally.
CVE-2016-6797 Authorization Flaw in apache (CVE-2016-6797)
vulnerability in apache (CVE-2016-6797). Confidential information can be exposed externally.
CVE-2016-6817 Buffer Overflow in apache (CVE-2016-6817)
vulnerability in apache (CVE-2016-6817). Risk of unauthorized operations or information disclosure.
CVE-2016-8745 Vulnerability in apache (CVE-2016-8745)
vulnerability in apache (CVE-2016-8745). Confidential information can be exposed externally.
CVE-2016-8739 XXE (XML External Entity) in apache (CVE-2016-8739)
vulnerability in apache (CVE-2016-8739). Confidential information can be exposed externally.
CVE-2017-3156 Vulnerability in apache (CVE-2017-3156)
vulnerability in apache (CVE-2017-3156). Confidential information can be exposed externally.
CVE-2016-0762 Vulnerability in apache (CVE-2016-0762)
vulnerability in apache (CVE-2016-0762). Confidential information can be exposed externally.
CVE-2016-5018 Vulnerability in apache (CVE-2016-5018)
vulnerability in apache (CVE-2016-5018). Confidential information can be exposed externally.
CVE-2016-6794 Vulnerability in apache (CVE-2016-6794)
vulnerability in apache (CVE-2016-6794). Risk of unauthorized operations or information disclosure.
CVE-2016-6812 Cross-Site Scripting (XSS) in apache (CVE-2016-6812)
cross-site scripting in apache (CVE-2016-6812). Risk of unauthorized operations or information disclosure.
CVE-2017-9799 Vulnerability in apache (CVE-2017-9799)
vulnerability in apache (CVE-2017-9799). Successful exploitation can lead to full system takeover.
CVE-2014-6393 Cross-Site Scripting (XSS) in express (CVE-2014-6393)
cross-site scripting in express (CVE-2014-6393). Risk of unauthorized operations or information disclosure.
CVE-2017-8691 Buffer Overflow in express (CVE-2017-8691)
vulnerability in express (CVE-2017-8691). Successful exploitation can lead to full system takeover.
CVE-2010-2245 XXE (XML External Entity) in apache (CVE-2010-2245)
vulnerability in apache (CVE-2010-2245). Confidential information can be exposed externally.
CVE-2011-4343 Information Disclosure in apache (CVE-2011-4343)
vulnerability in apache (CVE-2011-4343). Confidential information can be exposed externally.
CVE-2012-0803 Authentication Bypass in apache (CVE-2012-0803)
authentication bypass in apache (CVE-2012-0803). Successful exploitation can lead to full system takeover.
CVE-2012-0880 Vulnerability in c (CVE-2012-0880)
vulnerability in c (CVE-2012-0880). Risk of unauthorized operations or information disclosure.
CVE-2017-12677 Cross-Site Scripting (XSS) in angular (CVE-2017-12677)
cross-site scripting in angular (CVE-2017-12677). Risk of unauthorized operations or information disclosure.
CVE-2014-9260 Vulnerability in wordpress (CVE-2014-9260)
vulnerability in wordpress (CVE-2014-9260). Successful exploitation can lead to full system takeover.
CVE-2014-9262 Vulnerability in wordpress (CVE-2014-9262)
vulnerability in wordpress (CVE-2014-9262). Confidential information can be exposed externally.
CVE-2017-12650 SQL Injection in wordpress (CVE-2017-12650)
SQL injection in wordpress (CVE-2017-12650). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →