Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: php Clear
ID Title
CVE-2017-11585 Code Injection in finecms (CVE-2017-11585)
code injection in finecms (CVE-2017-11585). Successful exploitation can lead to full system takeover.
CVE-2017-11586 Open Redirect in finecms (CVE-2017-11586)
vulnerability in finecms (CVE-2017-11586). Risk of unauthorized operations or information disclosure.
CVE-2016-10400 Path Traversal in path-traversal (CVE-2016-10400)
path traversal in path-traversal (CVE-2016-10400). Confidential information can be exposed externally.
CVE-2017-11516 Cross-Site Scripting (XSS) in yiiframework (CVE-2017-11516)
cross-site scripting in yiiframework (CVE-2017-11516). Risk of unauthorized operations or information disclosure.
CVE-2015-3421 Cross-Site Scripting (XSS) in wordpress (CVE-2015-3421)
cross-site scripting in wordpress (CVE-2015-3421). Risk of unauthorized operations or information disclosure.
CVE-2015-3638 phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to s...
phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to scheduled.php, and making requests to injected scripts, or by injecting PHP into a PHP configuration...
CVE-2015-3639 Vulnerability in phpmybackuppro (CVE-2015-3639)
vulnerability in phpmybackuppro (CVE-2015-3639). Successful exploitation can lead to full system takeover.
CVE-2015-3640 Code Injection in phpmybackuppro (CVE-2015-3640)
code injection in phpmybackuppro (CVE-2015-3640). Successful exploitation can lead to full system takeover.
CVE-2017-10993 Path Traversal in path-traversal (CVE-2017-10993)
path traversal in path-traversal (CVE-2017-10993). Successful exploitation can lead to full system takeover.
CVE-2017-11503 Cross-Site Scripting (XSS) in phpmailer-project (CVE-2017-11503)
cross-site scripting in phpmailer-project (CVE-2017-11503). Risk of unauthorized operations or information disclosure.
CVE-2017-11500 Path Traversal in path-traversal (CVE-2017-11500)
path traversal in path-traversal (CVE-2017-11500). Data can be tampered with by attackers.
CVE-2017-0378 Cross-Site Scripting (XSS) in phamm (CVE-2017-0378)
cross-site scripting in phamm (CVE-2017-0378). Risk of unauthorized operations or information disclosure.
CVE-2017-11469 get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
CVE-2017-11470 SQL Injection in sqli (CVE-2017-11470)
SQL injection in sqli (CVE-2017-11470). Successful exploitation can lead to full system takeover.
CVE-2017-11471 SQL Injection in sqli (CVE-2017-11471)
SQL injection in sqli (CVE-2017-11471). Successful exploitation can lead to full system takeover.
CVE-2017-11474 SQL Injection in sqli (CVE-2017-11474)
SQL injection in sqli (CVE-2017-11474). Successful exploitation can lead to full system takeover.
CVE-2017-11475 SQL Injection in sqli (CVE-2017-11475)
SQL injection in sqli (CVE-2017-11475). Successful exploitation can lead to full system takeover.
CVE-2017-9764 Cross-Site Scripting (XSS) in metinfo (CVE-2017-9764)
cross-site scripting in metinfo (CVE-2017-9764). Risk of unauthorized operations or information disclosure.
CVE-2017-11444 SQL Injection in sqli (CVE-2017-11444)
SQL injection in sqli (CVE-2017-11444). Successful exploitation can lead to full system takeover.
CVE-2017-11445 SQL Injection in sqli (CVE-2017-11445)
SQL injection in sqli (CVE-2017-11445). Successful exploitation can lead to full system takeover.
CVE-2017-11412 SQL Injection in sqli (CVE-2017-11412)
SQL injection in sqli (CVE-2017-11412). Successful exploitation can lead to full system takeover.
CVE-2017-11413 SQL Injection in sqli (CVE-2017-11413)
SQL injection in sqli (CVE-2017-11413). Successful exploitation can lead to full system takeover.
CVE-2017-11414 SQL Injection in sqli (CVE-2017-11414)
SQL injection in sqli (CVE-2017-11414). Successful exploitation can lead to full system takeover.
CVE-2017-11415 SQL Injection in sqli (CVE-2017-11415)
SQL injection in sqli (CVE-2017-11415). Successful exploitation can lead to full system takeover.
CVE-2017-11416 Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
CVE-2017-11417 SQL Injection in sqli (CVE-2017-11417)
SQL injection in sqli (CVE-2017-11417). Successful exploitation can lead to full system takeover.
CVE-2017-11418 SQL Injection in sqli (CVE-2017-11418)
SQL injection in sqli (CVE-2017-11418). Successful exploitation can lead to full system takeover.
CVE-2017-11419 SQL Injection in sqli (CVE-2017-11419)
SQL injection in sqli (CVE-2017-11419). Successful exploitation can lead to full system takeover.
CVE-2017-11404 Unrestricted File Upload in cmsmadesimple (CVE-2017-11404)
vulnerability in cmsmadesimple (CVE-2017-11404). Data can be tampered with by attackers.
CVE-2017-11405 Unrestricted File Upload in cmsmadesimple (CVE-2017-11405)
vulnerability in cmsmadesimple (CVE-2017-11405). Data can be tampered with by attackers.
CVE-2017-9609 Cross-Site Scripting (XSS) in blackcat-cms (CVE-2017-9609)
cross-site scripting in blackcat-cms (CVE-2017-9609). Risk of unauthorized operations or information disclosure.
CVE-2017-11347 Vulnerability in metinfo (CVE-2017-11347)
vulnerability in metinfo (CVE-2017-11347). Successful exploitation can lead to full system takeover.
CVE-2017-11354 SQL Injection in sqli (CVE-2017-11354)
SQL injection in sqli (CVE-2017-11354). Successful exploitation can lead to full system takeover.
CVE-2017-11362 Buffer Overflow in c (CVE-2017-11362)
vulnerability in c (CVE-2017-11362). Successful exploitation can lead to full system takeover.
CVE-2017-11329 SQL Injection in sqli (CVE-2017-11329)
SQL injection in sqli (CVE-2017-11329). Successful exploitation can lead to full system takeover.
CVE-2017-1000065 Cross-Site Scripting (XSS) in openmediavault (CVE-2017-1000065)
cross-site scripting in openmediavault (CVE-2017-1000065). Risk of unauthorized operations or information disclosure.
CVE-2017-1000031 SQL Injection in sqli (CVE-2017-1000031)
SQL injection in sqli (CVE-2017-1000031). Successful exploitation can lead to full system takeover.
CVE-2017-1000032 Cross-Site Scripting (XSS) in cacti (CVE-2017-1000032)
cross-site scripting in cacti (CVE-2017-1000032). Risk of unauthorized operations or information disclosure.
CVE-2017-11198 Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11198)
cross-site scripting in finecms-project (CVE-2017-11198). Risk of unauthorized operations or information disclosure.
CVE-2017-11200 SQL Injection in sqli (CVE-2017-11200)
SQL injection in sqli (CVE-2017-11200). Successful exploitation can lead to full system takeover.
CVE-2017-11201 Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11201)
cross-site scripting in finecms-project (CVE-2017-11201). Risk of unauthorized operations or information disclosure.
CVE-2017-11202 Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11202)
cross-site scripting in finecms-project (CVE-2017-11202). Risk of unauthorized operations or information disclosure.
CVE-2017-11174 SQL Injection in sqli (CVE-2017-11174)
SQL injection in sqli (CVE-2017-11174). Successful exploitation can lead to full system takeover.
CVE-2017-11167 Code Injection in finecms-project (CVE-2017-11167)
code injection in finecms-project (CVE-2017-11167). Successful exploitation can lead to full system takeover.
CVE-2017-11178 Vulnerability in finecms-project (CVE-2017-11178)
vulnerability in finecms-project (CVE-2017-11178). Data can be tampered with by attackers.
CVE-2017-11163 Cross-Site Scripting (XSS) in cacti (CVE-2017-11163)
cross-site scripting in cacti (CVE-2017-11163). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
CVE-2016-10397 Vulnerability in c (CVE-2016-10397)
vulnerability in c (CVE-2016-10397). Data can be tampered with by attackers.
CVE-2017-11142 Vulnerability in c (CVE-2017-11142)
vulnerability in c (CVE-2017-11142). Risk of unauthorized operations or information disclosure.
CVE-2017-11143 Use-After-Free in c (CVE-2017-11143)
vulnerability in c (CVE-2017-11143). Risk of unauthorized operations or information disclosure.
CVE-2017-11144 Vulnerability in c (CVE-2017-11144)
vulnerability in c (CVE-2017-11144). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →