Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-11585 |
|
Code Injection in finecms (CVE-2017-11585)
code injection in finecms (CVE-2017-11585). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11586 |
|
Open Redirect in finecms (CVE-2017-11586)
vulnerability in finecms (CVE-2017-11586). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10400 |
|
Path Traversal in path-traversal (CVE-2016-10400)
path traversal in path-traversal (CVE-2016-10400). Confidential information can be exposed externally.
|
| CVE-2017-11516 |
|
Cross-Site Scripting (XSS) in yiiframework (CVE-2017-11516)
cross-site scripting in yiiframework (CVE-2017-11516). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3421 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-3421)
cross-site scripting in wordpress (CVE-2015-3421). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3638 |
|
phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to s...
phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to scheduled.php, and making requests to injected scripts, or by injecting PHP into a PHP configuration...
|
| CVE-2015-3639 |
|
Vulnerability in phpmybackuppro (CVE-2015-3639)
vulnerability in phpmybackuppro (CVE-2015-3639). Successful exploitation can lead to full system takeover.
|
| CVE-2015-3640 |
|
Code Injection in phpmybackuppro (CVE-2015-3640)
code injection in phpmybackuppro (CVE-2015-3640). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10993 |
|
Path Traversal in path-traversal (CVE-2017-10993)
path traversal in path-traversal (CVE-2017-10993). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11503 |
|
Cross-Site Scripting (XSS) in phpmailer-project (CVE-2017-11503)
cross-site scripting in phpmailer-project (CVE-2017-11503). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11500 |
|
Path Traversal in path-traversal (CVE-2017-11500)
path traversal in path-traversal (CVE-2017-11500). Data can be tampered with by attackers.
|
| CVE-2017-0378 |
|
Cross-Site Scripting (XSS) in phamm (CVE-2017-0378)
cross-site scripting in phamm (CVE-2017-0378). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11469 |
|
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
|
| CVE-2017-11470 |
|
SQL Injection in sqli (CVE-2017-11470)
SQL injection in sqli (CVE-2017-11470). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11471 |
|
SQL Injection in sqli (CVE-2017-11471)
SQL injection in sqli (CVE-2017-11471). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11474 |
|
SQL Injection in sqli (CVE-2017-11474)
SQL injection in sqli (CVE-2017-11474). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11475 |
|
SQL Injection in sqli (CVE-2017-11475)
SQL injection in sqli (CVE-2017-11475). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9764 |
|
Cross-Site Scripting (XSS) in metinfo (CVE-2017-9764)
cross-site scripting in metinfo (CVE-2017-9764). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11444 |
|
SQL Injection in sqli (CVE-2017-11444)
SQL injection in sqli (CVE-2017-11444). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11445 |
|
SQL Injection in sqli (CVE-2017-11445)
SQL injection in sqli (CVE-2017-11445). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11412 |
|
SQL Injection in sqli (CVE-2017-11412)
SQL injection in sqli (CVE-2017-11412). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11413 |
|
SQL Injection in sqli (CVE-2017-11413)
SQL injection in sqli (CVE-2017-11413). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11414 |
|
SQL Injection in sqli (CVE-2017-11414)
SQL injection in sqli (CVE-2017-11414). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11415 |
|
SQL Injection in sqli (CVE-2017-11415)
SQL injection in sqli (CVE-2017-11415). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11416 |
|
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
|
| CVE-2017-11417 |
|
SQL Injection in sqli (CVE-2017-11417)
SQL injection in sqli (CVE-2017-11417). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11418 |
|
SQL Injection in sqli (CVE-2017-11418)
SQL injection in sqli (CVE-2017-11418). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11419 |
|
SQL Injection in sqli (CVE-2017-11419)
SQL injection in sqli (CVE-2017-11419). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11404 |
|
Unrestricted File Upload in cmsmadesimple (CVE-2017-11404)
vulnerability in cmsmadesimple (CVE-2017-11404). Data can be tampered with by attackers.
|
| CVE-2017-11405 |
|
Unrestricted File Upload in cmsmadesimple (CVE-2017-11405)
vulnerability in cmsmadesimple (CVE-2017-11405). Data can be tampered with by attackers.
|
| CVE-2017-9609 |
|
Cross-Site Scripting (XSS) in blackcat-cms (CVE-2017-9609)
cross-site scripting in blackcat-cms (CVE-2017-9609). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11347 |
|
Vulnerability in metinfo (CVE-2017-11347)
vulnerability in metinfo (CVE-2017-11347). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11354 |
|
SQL Injection in sqli (CVE-2017-11354)
SQL injection in sqli (CVE-2017-11354). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11362 |
|
Buffer Overflow in c (CVE-2017-11362)
vulnerability in c (CVE-2017-11362). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11329 |
|
SQL Injection in sqli (CVE-2017-11329)
SQL injection in sqli (CVE-2017-11329). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000065 |
|
Cross-Site Scripting (XSS) in openmediavault (CVE-2017-1000065)
cross-site scripting in openmediavault (CVE-2017-1000065). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000031 |
|
SQL Injection in sqli (CVE-2017-1000031)
SQL injection in sqli (CVE-2017-1000031). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000032 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2017-1000032)
cross-site scripting in cacti (CVE-2017-1000032). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11198 |
|
Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11198)
cross-site scripting in finecms-project (CVE-2017-11198). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11200 |
|
SQL Injection in sqli (CVE-2017-11200)
SQL injection in sqli (CVE-2017-11200). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11201 |
|
Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11201)
cross-site scripting in finecms-project (CVE-2017-11201). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11202 |
|
Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11202)
cross-site scripting in finecms-project (CVE-2017-11202). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11174 |
|
SQL Injection in sqli (CVE-2017-11174)
SQL injection in sqli (CVE-2017-11174). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11167 |
|
Code Injection in finecms-project (CVE-2017-11167)
code injection in finecms-project (CVE-2017-11167). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11178 |
|
Vulnerability in finecms-project (CVE-2017-11178)
vulnerability in finecms-project (CVE-2017-11178). Data can be tampered with by attackers.
|
| CVE-2017-11163 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2017-11163)
cross-site scripting in cacti (CVE-2017-11163). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
|
| CVE-2016-10397 |
|
Vulnerability in c (CVE-2016-10397)
vulnerability in c (CVE-2016-10397). Data can be tampered with by attackers.
|
| CVE-2017-11142 |
|
Vulnerability in c (CVE-2017-11142)
vulnerability in c (CVE-2017-11142). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11143 |
|
Use-After-Free in c (CVE-2017-11143)
vulnerability in c (CVE-2017-11143). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11144 |
|
Vulnerability in c (CVE-2017-11144)
vulnerability in c (CVE-2017-11144). Risk of unauthorized operations or information disclosure.
|