[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 111582 Download | Alert*

b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.

MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure.

marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.

flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the admin log panel by specifying a malformed User-Agent string.

rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.

rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions

eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts which may e.g. steal authentication credentials.

Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access

Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open Redirect The furikake-redirect parameter on a page allows for a redirect to an attacker controlled page classes/Furigana.php: header('location:'.urldecode($_GET['furikake-redirect']));

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-16227. Reason: This candidate is a reservation duplicate of CVE-2017-16227. Notes: All CVE users should reference CVE-2017-16227 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Pages:      Start    10069    10070    10071    10072    10073    10074    10075    10076    10077    10078    10079    10080    10081    10082    ..   11158

© SecPod Technologies