Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: web-frameworks Clear
ID Title
CVE-2016-4903 Cross-Site Scripting (XSS) in wordpress (CVE-2016-4903)
cross-site scripting in wordpress (CVE-2016-4903). Risk of unauthorized operations or information disclosure.
CVE-2016-4904 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-4904)
vulnerability in wordpress (CVE-2016-4904). Successful exploitation can lead to full system takeover.
CVE-2016-4905 SQL Injection in wordpress (CVE-2016-4905)
SQL injection in wordpress (CVE-2016-4905). Successful exploitation can lead to full system takeover.
CVE-2015-5241 Open Redirect in apache (CVE-2015-5241)
vulnerability in apache (CVE-2015-5241). Risk of unauthorized operations or information disclosure.
CVE-2017-9061 Cross-Site Scripting (XSS) in wordpress (CVE-2017-9061)
cross-site scripting in wordpress (CVE-2017-9061). Risk of unauthorized operations or information disclosure.
CVE-2017-9062 In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
CVE-2017-9063 Cross-Site Scripting (XSS) in wordpress (CVE-2017-9063)
cross-site scripting in wordpress (CVE-2017-9063). Risk of unauthorized operations or information disclosure.
CVE-2017-9064 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-9064)
vulnerability in wordpress (CVE-2017-9064). Successful exploitation can lead to full system takeover.
CVE-2017-9065 Vulnerability in wordpress (CVE-2017-9065)
vulnerability in wordpress (CVE-2017-9065). Data can be tampered with by attackers.
CVE-2017-9066 SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-9066)
SSRF in wordpress (CVE-2017-9066). Data can be tampered with by attackers.
CVE-2017-8917 SQL Injection in sqli (CVE-2017-8917)
SQL injection in sqli (CVE-2017-8917). Successful exploitation can lead to full system takeover.
CVE-2015-3998 Cross-Site Scripting (XSS) in wordpress (CVE-2015-3998)
cross-site scripting in wordpress (CVE-2015-3998). Risk of unauthorized operations or information disclosure.
CVE-2015-4070 Open Redirect in wordpress (CVE-2015-4070)
vulnerability in wordpress (CVE-2015-4070). Risk of unauthorized operations or information disclosure.
CVE-2017-3873 Vulnerability in express (CVE-2017-3873)
vulnerability in express (CVE-2017-3873). Successful exploitation can lead to full system takeover.
CVE-2017-7661 Cross-Site Request Forgery (CSRF) in apache (CVE-2017-7661)
vulnerability in apache (CVE-2017-7661). Successful exploitation can lead to full system takeover.
CVE-2017-7662 Cross-Site Request Forgery (CSRF) in apache (CVE-2017-7662)
vulnerability in apache (CVE-2017-7662). Successful exploitation can lead to full system takeover.
CVE-2016-8741 Information Disclosure in apache (CVE-2016-8741)
vulnerability in apache (CVE-2016-8741). Confidential information can be exposed externally.
CVE-2017-5655 Information Disclosure in apache (CVE-2017-5655)
vulnerability in apache (CVE-2017-5655). Confidential information can be exposed externally.
CVE-2017-5654 Vulnerability in apache (CVE-2017-5654)
vulnerability in apache (CVE-2017-5654). Confidential information can be exposed externally.
CVE-2017-8875 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8875)
vulnerability in wordpress (CVE-2017-8875). Data can be tampered with by attackers.
CVE-2016-6799 Vulnerability in apache (CVE-2016-6799)
vulnerability in apache (CVE-2016-6799). Confidential information can be exposed externally.
CVE-2017-8295 Vulnerability in wordpress (CVE-2017-8295)
vulnerability in wordpress (CVE-2017-8295). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2017-6624 Vulnerability in express (CVE-2017-6624)
vulnerability in express (CVE-2017-6624). Risk of unauthorized operations or information disclosure.
CVE-2016-4467 Vulnerability in c (CVE-2016-4467)
vulnerability in c (CVE-2016-4467). Data can be tampered with by attackers.
CVE-2017-8301 Vulnerability in nginx (CVE-2017-8301)
vulnerability in nginx (CVE-2017-8301). Data can be tampered with by attackers.
CVE-2017-3161 Cross-Site Scripting (XSS) in apache (CVE-2017-3161)
cross-site scripting in apache (CVE-2017-3161). Risk of unauthorized operations or information disclosure.
CVE-2017-3162 Vulnerability in apache (CVE-2017-3162)
vulnerability in apache (CVE-2017-3162). Risk of unauthorized operations or information disclosure.
CVE-2017-1170 Vulnerability in express (CVE-2017-1170)
vulnerability in express (CVE-2017-1170). Risk of unauthorized operations or information disclosure.
CVE-2017-7983 Information Disclosure in joomla (CVE-2017-7983)
vulnerability in joomla (CVE-2017-7983). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7984 Cross-Site Scripting (XSS) in joomla (CVE-2017-7984)
cross-site scripting in joomla (CVE-2017-7984). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7985 Cross-Site Scripting (XSS) in joomla (CVE-2017-7985)
cross-site scripting in joomla (CVE-2017-7985). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7986 Cross-Site Scripting (XSS) in joomla (CVE-2017-7986)
cross-site scripting in joomla (CVE-2017-7986). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7987 Cross-Site Scripting (XSS) in joomla (CVE-2017-7987)
cross-site scripting in joomla (CVE-2017-7987). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7988 Vulnerability in joomla (CVE-2017-7988)
vulnerability in joomla (CVE-2017-7988). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-7989 Unrestricted File Upload in joomla (CVE-2017-7989)
vulnerability in joomla (CVE-2017-7989). Data can be tampered with by attackers. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-8057 Information Disclosure in joomla (CVE-2017-8057)
vulnerability in joomla (CVE-2017-8057). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.7.0` or later.
CVE-2017-3503 Vulnerability in c (CVE-2017-3503)
vulnerability in c (CVE-2017-3503). Successful exploitation can lead to full system takeover.
CVE-2017-7723 XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.
XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.
CVE-2017-8099 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8099)
vulnerability in wordpress (CVE-2017-8099). Data can be tampered with by attackers.
CVE-2017-8100 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-8100)
vulnerability in wordpress (CVE-2017-8100). Data can be tampered with by attackers.
CVE-2017-6919 Vulnerability in drupal (CVE-2017-6919)
vulnerability in drupal (CVE-2017-6919). Successful exploitation can lead to full system takeover.
CVE-2016-10345 Vulnerability in nginx (CVE-2016-10345)
vulnerability in nginx (CVE-2016-10345). Successful exploitation can lead to full system takeover.
CVE-2017-5653 Vulnerability in apache (CVE-2017-5653)
vulnerability in apache (CVE-2017-5653). Risk of unauthorized operations or information disclosure.
CVE-2017-5656 Vulnerability in apache (CVE-2017-5656)
vulnerability in apache (CVE-2017-5656). Confidential information can be exposed externally.
CVE-2017-5661 XXE (XML External Entity) in apache (CVE-2017-5661)
vulnerability in apache (CVE-2017-5661). Confidential information can be exposed externally.
CVE-2017-5662 XXE (XML External Entity) in apache (CVE-2017-5662)
vulnerability in apache (CVE-2017-5662). Confidential information can be exposed externally.
CVE-2017-5645 Unsafe Deserialization in apache (CVE-2017-5645)
vulnerability in apache (CVE-2017-5645). Successful exploitation can lead to full system takeover.
CVE-2016-5396 Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.
Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.
CVE-2017-5659 Vulnerability in apache (CVE-2017-5659)
vulnerability in apache (CVE-2017-5659). Risk of unauthorized operations or information disclosure.
CVE-2017-5647 Information Disclosure in c (CVE-2017-5647)
vulnerability in c (CVE-2017-5647). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →