Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-14126 |
|
The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
|
| CVE-2016-5001 |
|
Information Disclosure in apache (CVE-2016-5001)
vulnerability in apache (CVE-2016-5001). Confidential information can be exposed externally.
|
| CVE-2016-4462 |
|
Vulnerability in apache (CVE-2016-4462)
vulnerability in apache (CVE-2016-4462). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6800 |
|
Cross-Site Scripting (XSS) in apache (CVE-2016-6800)
cross-site scripting in apache (CVE-2016-6800). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3163 |
|
Path Traversal in apache (CVE-2017-3163)
path traversal in apache (CVE-2017-3163). Confidential information can be exposed externally.
|
| CVE-2016-8752 |
|
Vulnerability in apache (CVE-2016-8752)
vulnerability in apache (CVE-2016-8752). Confidential information can be exposed externally.
|
| CVE-2017-3150 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-3150)
cross-site scripting in apache (CVE-2017-3150). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3151 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-3151)
cross-site scripting in apache (CVE-2017-3151). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3152 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-3152)
cross-site scripting in apache (CVE-2017-3152). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3153 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-3153)
cross-site scripting in apache (CVE-2017-3153). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3154 |
|
Information Disclosure in apache (CVE-2017-3154)
vulnerability in apache (CVE-2017-3154). Confidential information can be exposed externally.
|
| CVE-2017-3155 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-3155)
cross-site scripting in apache (CVE-2017-3155). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7517 |
|
SQL Injection in wordpress (CVE-2015-7517)
SQL injection in wordpress (CVE-2015-7517). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5209 |
|
Vulnerability in apache (CVE-2015-5209)
vulnerability in apache (CVE-2015-5209). Data can be tampered with by attackers.
|
| CVE-2015-0101 |
|
Cross-Site Scripting (XSS) in express (CVE-2015-0101)
cross-site scripting in express (CVE-2015-0101). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13137 |
|
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
|
| CVE-2017-13138 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4460 |
|
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
|
| CVE-2017-12977 |
|
SQL Injection in wordpress (CVE-2017-12977)
SQL injection in wordpress (CVE-2017-12977). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12946 |
|
SQL Injection in wordpress (CVE-2017-12946)
SQL injection in wordpress (CVE-2017-12946). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12947 |
|
SQL Injection in wordpress (CVE-2017-12947)
SQL injection in wordpress (CVE-2017-12947). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12948 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-12948)
cross-site scripting in wordpress (CVE-2017-12948). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12949 |
|
SQL Injection in wordpress (CVE-2017-12949)
SQL injection in wordpress (CVE-2017-12949). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5057 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-5057)
cross-site scripting in wordpress (CVE-2015-5057). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5081 |
|
Cross-Site Request Forgery (CSRF) in django-cms (CVE-2015-5081)
vulnerability in django-cms (CVE-2015-5081). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `f77cbc607d6e2a62e63287d37ad320109a2cc78a, 3.0.14, 3.1.1` or later.
|
| CVE-2017-9802 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-9802)
cross-site scripting in apache (CVE-2017-9802). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9800 |
|
Vulnerability in apache (CVE-2017-9800)
vulnerability in apache (CVE-2017-9800). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6796 |
|
Vulnerability in apache (CVE-2016-6796)
vulnerability in apache (CVE-2016-6796). Data can be tampered with by attackers.
|
| CVE-2017-7674 |
|
Vulnerability in apache (CVE-2017-7674)
vulnerability in apache (CVE-2017-7674). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7675 |
|
Path Traversal in apache (CVE-2017-7675)
path traversal in apache (CVE-2017-7675). Confidential information can be exposed externally.
|
| CVE-2016-6797 |
|
Authorization Flaw in apache (CVE-2016-6797)
vulnerability in apache (CVE-2016-6797). Confidential information can be exposed externally.
|
| CVE-2016-6817 |
|
Buffer Overflow in apache (CVE-2016-6817)
vulnerability in apache (CVE-2016-6817). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8745 |
|
Vulnerability in apache (CVE-2016-8745)
vulnerability in apache (CVE-2016-8745). Confidential information can be exposed externally.
|
| CVE-2016-8739 |
|
XXE (XML External Entity) in apache (CVE-2016-8739)
vulnerability in apache (CVE-2016-8739). Confidential information can be exposed externally.
|
| CVE-2017-3156 |
|
Vulnerability in apache (CVE-2017-3156)
vulnerability in apache (CVE-2017-3156). Confidential information can be exposed externally.
|
| CVE-2016-0762 |
|
Vulnerability in apache (CVE-2016-0762)
vulnerability in apache (CVE-2016-0762). Confidential information can be exposed externally.
|
| CVE-2016-5018 |
|
Vulnerability in apache (CVE-2016-5018)
vulnerability in apache (CVE-2016-5018). Confidential information can be exposed externally.
|
| CVE-2016-6794 |
|
Vulnerability in apache (CVE-2016-6794)
vulnerability in apache (CVE-2016-6794). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6812 |
|
Cross-Site Scripting (XSS) in apache (CVE-2016-6812)
cross-site scripting in apache (CVE-2016-6812). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9799 |
|
Vulnerability in apache (CVE-2017-9799)
vulnerability in apache (CVE-2017-9799). Successful exploitation can lead to full system takeover.
|
| CVE-2014-6393 |
|
Cross-Site Scripting (XSS) in express (CVE-2014-6393)
cross-site scripting in express (CVE-2014-6393). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8691 |
|
Buffer Overflow in express (CVE-2017-8691)
vulnerability in express (CVE-2017-8691). Successful exploitation can lead to full system takeover.
|
| CVE-2010-2245 |
|
XXE (XML External Entity) in apache (CVE-2010-2245)
vulnerability in apache (CVE-2010-2245). Confidential information can be exposed externally.
|
| CVE-2011-4343 |
|
Information Disclosure in apache (CVE-2011-4343)
vulnerability in apache (CVE-2011-4343). Confidential information can be exposed externally.
|
| CVE-2012-0803 |
|
Authentication Bypass in apache (CVE-2012-0803)
authentication bypass in apache (CVE-2012-0803). Successful exploitation can lead to full system takeover.
|
| CVE-2012-0880 |
|
Vulnerability in c (CVE-2012-0880)
vulnerability in c (CVE-2012-0880). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12677 |
|
Cross-Site Scripting (XSS) in angular (CVE-2017-12677)
cross-site scripting in angular (CVE-2017-12677). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-9260 |
|
Vulnerability in wordpress (CVE-2014-9260)
vulnerability in wordpress (CVE-2014-9260). Successful exploitation can lead to full system takeover.
|
| CVE-2014-9262 |
|
Vulnerability in wordpress (CVE-2014-9262)
vulnerability in wordpress (CVE-2014-9262). Confidential information can be exposed externally.
|
| CVE-2017-12650 |
|
SQL Injection in wordpress (CVE-2017-12650)
SQL injection in wordpress (CVE-2017-12650). Successful exploitation can lead to full system takeover.
|