Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-12613 |
|
Out-of-Bounds Read in apache (CVE-2017-12613)
vulnerability in apache (CVE-2017-12613). Confidential information can be exposed externally.
|
| CVE-2015-5533 |
|
SQL Injection in wordpress (CVE-2015-5533)
SQL injection in wordpress (CVE-2015-5533). Successful exploitation can lead to full system takeover.
|
| CVE-2010-2232 |
|
Vulnerability in apache (CVE-2010-2232)
vulnerability in apache (CVE-2010-2232). Data can be tampered with by attackers.
|
| CVE-2017-12628 |
|
Unsafe Deserialization in apache (CVE-2017-12628)
vulnerability in apache (CVE-2017-12628). Successful exploitation can lead to full system takeover.
|
| CVE-2015-6668 |
|
Information Disclosure in wordpress (CVE-2015-6668)
vulnerability in wordpress (CVE-2015-6668). Confidential information can be exposed externally.
|
| CVE-2017-5635 |
|
Authentication Bypass in apache (CVE-2017-5635)
authentication bypass in apache (CVE-2017-5635). Confidential information can be exposed externally.
|
| CVE-2012-6707 |
|
Vulnerability in wordpress (CVE-2012-6707)
vulnerability in wordpress (CVE-2012-6707). Confidential information can be exposed externally.
|
| CVE-2015-5227 |
|
Vulnerability in wordpress (CVE-2015-5227)
vulnerability in wordpress (CVE-2015-5227). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4461 |
|
Vulnerability in apache (CVE-2016-4461)
vulnerability in apache (CVE-2016-4461). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10619 |
|
Vulnerability in express (CVE-2017-10619)
vulnerability in express (CVE-2017-10619). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5637 |
|
Vulnerability in apache (CVE-2017-5637)
vulnerability in apache (CVE-2017-5637). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.4.10` or later.
|
| CVE-2015-2673 |
|
Vulnerability in wordpress (CVE-2015-2673)
vulnerability in wordpress (CVE-2015-2673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15079 |
|
Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
|
| CVE-2017-14848 |
|
SQL Injection in wordpress (CVE-2017-14848)
SQL injection in wordpress (CVE-2017-14848). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6806 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2016-6806)
vulnerability in apache (CVE-2016-6806). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2017-13989 |
|
Vulnerability in express (CVE-2017-13989)
vulnerability in express (CVE-2017-13989). Confidential information can be exposed externally.
|
| CVE-2015-9233 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
|
| CVE-2015-9234 |
|
SQL Injection in wordpress (CVE-2015-9234)
SQL injection in wordpress (CVE-2015-9234). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4434 |
|
XXE (XML External Entity) in apache (CVE-2016-4434)
vulnerability in apache (CVE-2016-4434). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7687 |
|
Vulnerability in apache (CVE-2017-7687)
vulnerability in apache (CVE-2017-7687). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9790 |
|
Use-After-Free in apache (CVE-2017-9790)
vulnerability in apache (CVE-2017-9790). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14842 |
|
SQL Injection in wordpress (CVE-2017-14842)
SQL injection in wordpress (CVE-2017-14842). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14843 |
|
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14844 |
|
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
|
| CVE-2017-14845 |
|
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14846 |
|
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14847 |
|
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-2551 |
|
Vulnerability in wordpress (CVE-2017-2551)
vulnerability in wordpress (CVE-2017-2551). Confidential information can be exposed externally.
|
| CVE-2017-14766 |
|
Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
|
| CVE-2017-14704 |
|
Unrestricted File Upload in laravel (CVE-2017-14704)
vulnerability in laravel (CVE-2017-14704). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14719 |
|
Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
|
| CVE-2017-14722 |
|
Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
|
| CVE-2017-9793 |
|
Vulnerability in apache (CVE-2017-9793)
vulnerability in apache (CVE-2017-9793). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9804 |
|
Vulnerability in apache (CVE-2017-9804)
vulnerability in apache (CVE-2017-9804). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-4089 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4089)
vulnerability in wordpress (CVE-2015-4089). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12616 |
|
Information Disclosure in apache (CVE-2017-12616)
vulnerability in apache (CVE-2017-12616). Confidential information can be exposed externally.
|
| CVE-2017-9803 |
|
Authentication Bypass in apache (CVE-2017-9803)
authentication bypass in apache (CVE-2017-9803). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9798 |
|
Use-After-Free in c (CVE-2017-9798)
vulnerability in c (CVE-2017-9798). Confidential information can be exposed externally.
|
| CVE-2017-14530 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-14530)
vulnerability in wordpress (CVE-2017-14530). Successful exploitation can lead to full system takeover.
|
| CVE-2014-7808 |
|
Vulnerability in apache (CVE-2014-7808)
vulnerability in apache (CVE-2014-7808). Confidential information can be exposed externally.
|
| CVE-2017-2299 |
|
Vulnerability in apache (CVE-2017-2299)
vulnerability in apache (CVE-2017-2299). Confidential information can be exposed externally. Exploitable via ``ssl_ca``.
|
| CVE-2017-1002025 |
|
SQL Injection in wordpress (CVE-2017-1002025)
SQL injection in wordpress (CVE-2017-1002025). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002026 |
|
SQL Injection in wordpress (CVE-2017-1002026)
SQL injection in wordpress (CVE-2017-1002026). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002004 |
|
SQL Injection in wordpress (CVE-2017-1002004)
SQL injection in wordpress (CVE-2017-1002004). Data can be tampered with by attackers.
|
| CVE-2017-1002005 |
|
SQL Injection in wordpress (CVE-2017-1002005)
SQL injection in wordpress (CVE-2017-1002005). Data can be tampered with by attackers.
|
| CVE-2017-1002006 |
|
Vulnerability in wordpress (CVE-2017-1002006)
vulnerability in wordpress (CVE-2017-1002006). Data can be tampered with by attackers.
|
| CVE-2017-1002007 |
|
Vulnerability in wordpress (CVE-2017-1002007)
vulnerability in wordpress (CVE-2017-1002007). Data can be tampered with by attackers.
|
| CVE-2016-8737 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2016-8737)
vulnerability in apache (CVE-2016-8737). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8744 |
|
Unsafe Deserialization in apache (CVE-2016-8744)
vulnerability in apache (CVE-2016-8744). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12612 |
|
Unsafe Deserialization in apache (CVE-2017-12612)
vulnerability in apache (CVE-2017-12612). Successful exploitation can lead to full system takeover.
|