| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1000480 | — | Cri | 0.64 | 9.8 | 0.03 | Jan 3, 2018 | Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name. | |
| CVE-2017-1000501 | Cri | 0.00 | 9.8 | 0.04 | Jan 3, 2018 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | ||
| CVE-2017-1000497 | Cri | 0.64 | 9.8 | 0.03 | Jan 3, 2018 | Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution | ||
| CVE-2017-18017 | Cri | 0.04 | 9.8 | 0.52 | Jan 3, 2018 | The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the… | ||
| CVE-2017-1000493 | Cri | 0.00 | 9.8 | 0.02 | Jan 3, 2018 | Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover | ||
| CVE-2017-1000437 | Cri | 0.64 | 9.8 | 0.04 | Jan 2, 2018 | Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution. | ||
| CVE-2017-1000430 | — | Cri | 0.57 | 9.8 | 0.02 | Jan 2, 2018 | rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions | |
| CVE-2017-1000423 | Cri | 0.00 | 9.8 | 0.02 | Jan 2, 2018 | b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup. | ||
| CVE-2017-1000421 | Cri | 0.64 | 9.8 | 0.03 | Jan 2, 2018 | Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution | ||
| CVE-2017-1000458 | Cri | 0.00 | 9.8 | 0.02 | Jan 2, 2018 | Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation. | ||
| CVE-2017-1000453 | Cri | 0.64 | 9.8 | 0.02 | Jan 2, 2018 | CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution. | ||
| CVE-2017-17098 | Cri | 0.67 | 9.8 | 0.07 | Jan 2, 2018 | The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a… | ||
| CVE-2017-17097 | Cri | 0.67 | 9.8 | 0.07 | Jan 2, 2018 | gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to… | ||
| CVE-2017-1000444 | Cri | 0.00 | 9.8 | 0.03 | Jan 2, 2018 | Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution | ||
| CVE-2018-3813 | Cri | 0.64 | 9.8 | 0.01 | Jan 1, 2018 | getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request. | ||
| CVE-2018-3811 | Cri | 0.70 | 9.8 | 0.43 | Jan 1, 2018 | SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements… | ||
| CVE-2018-3810 | Cri | 0.74 | 9.8 | 0.91 | Jan 1, 2018 | Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The… | ||
| CVE-2017-18001 | Cri | 0.68 | 9.8 | 0.14 | Dec 31, 2017 | Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI. | ||
| CVE-2017-17992 | Cri | 0.64 | 9.8 | 0.02 | Dec 30, 2017 | Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. | ||
| CVE-2014-9515 | Cri | 0.57 | 9.8 | 0.06 | Dec 29, 2017 | Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object. | ||
| CVE-2014-3630 | Cri | 0.64 | 9.8 | 0.03 | Dec 29, 2017 | XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data. | ||
| CVE-2014-0121 | Cri | 0.57 | 9.8 | 0.04 | Dec 29, 2017 | The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter. | ||
| CVE-2017-17974 | Cri | 0.64 | 9.8 | 0.02 | Dec 29, 2017 | BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative… | ||
| CVE-2017-17968 | Cri | 0.70 | 9.8 | 0.39 | Dec 29, 2017 | A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response. | ||
| CVE-2014-4914 | Cri | 0.64 | 9.8 | 0.02 | Dec 29, 2017 | The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. | ||
| CVE-2017-17959 | Cri | 0.64 | 9.8 | 0.01 | Dec 28, 2017 | PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter. | ||
| CVE-2017-17957 | Cri | 0.64 | 9.8 | 0.01 | Dec 28, 2017 | PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter. | ||
| CVE-2017-17951 | Cri | 0.64 | 9.8 | 0.01 | Dec 28, 2017 | PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter. | ||
| CVE-2017-5641 | Cri | 0.58 | 9.8 | 0.21 | Dec 28, 2017 | Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types… | ||
| CVE-2017-17932 | Cri | 0.71 | 9.8 | 0.53 | Dec 28, 2017 | A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888. | ||
| CVE-2014-8389 | Cri | 0.68 | 9.8 | 0.50 | Dec 28, 2017 | cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware… | ||
| CVE-2015-7669 | Cri | 0.64 | 9.8 | 0.07 | Dec 27, 2017 | Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file… | ||
| CVE-2015-6237 | Cri | 0.64 | 9.8 | 0.02 | Dec 27, 2017 | The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands." | ||
| CVE-2017-9944 | Cri | 0.64 | 9.8 | 0.03 | Dec 27, 2017 | A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network. | ||
| CVE-2017-17931 | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2017 | PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. | ||
| CVE-2017-17928 | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2017 | PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter. | ||
| CVE-2017-17906 | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2017 | PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter. | ||
| CVE-2017-17900 | Cri | 0.57 | 9.8 | 0.02 | Dec 27, 2017 | SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter. | ||
| CVE-2017-17899 | Cri | 0.57 | 9.8 | 0.02 | Dec 27, 2017 | SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter. | ||
| CVE-2017-17897 | Cri | 0.57 | 9.8 | 0.02 | Dec 27, 2017 | SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||
| CVE-2017-17895 | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2017 | Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI. | ||
| CVE-2017-17892 | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2017 | Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter. | ||
| CVE-2017-17878 | Cri | 0.64 | 9.8 | 0.02 | Dec 27, 2017 | An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting). | ||
| CVE-2017-17877 | Cri | 0.64 | 9.8 | 0.04 | Dec 27, 2017 | An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers… | ||
| CVE-2017-17875 | Cri | 0.67 | 9.8 | 0.03 | Dec 27, 2017 | The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action. | ||
| CVE-2017-17873 | Cri | 0.67 | 9.8 | 0.03 | Dec 27, 2017 | Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. | ||
| CVE-2017-17872 | Cri | 0.67 | 9.8 | 0.03 | Dec 27, 2017 | The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action. | ||
| CVE-2017-17871 | Cri | 0.67 | 9.8 | 0.03 | Dec 27, 2017 | The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter. | ||
| CVE-2017-17870 | Cri | 0.67 | 9.8 | 0.03 | Dec 27, 2017 | The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action. | ||
| CVE-2017-17849 | Cri | 0.68 | 9.8 | 0.19 | Dec 27, 2017 | A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response. |
- risk 0.64cvss 9.8epss 0.03
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
- risk 0.00cvss 9.8epss 0.04
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
- risk 0.64cvss 9.8epss 0.03
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
- risk 0.04cvss 9.8epss 0.52
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the…
- risk 0.00cvss 9.8epss 0.02
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
- risk 0.64cvss 9.8epss 0.04
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.
- risk 0.57cvss 9.8epss 0.02
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions
- risk 0.00cvss 9.8epss 0.02
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
- risk 0.64cvss 9.8epss 0.03
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
- risk 0.00cvss 9.8epss 0.02
Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
- risk 0.64cvss 9.8epss 0.02
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.
- risk 0.67cvss 9.8epss 0.07
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a…
- risk 0.67cvss 9.8epss 0.07
gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to…
- risk 0.00cvss 9.8epss 0.03
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution
- risk 0.64cvss 9.8epss 0.01
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request.
- risk 0.70cvss 9.8epss 0.43
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements…
- risk 0.74cvss 9.8epss 0.91
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The…
- risk 0.68cvss 9.8epss 0.14
Trustwave Secure Web Gateway (SWG) through 11.8.0.27 allows remote attackers to append an arbitrary public key to the device's SSH Authorized Keys data, and consequently obtain remote root access, via the publicKey parameter to the /sendKey URI.
- risk 0.64cvss 9.8epss 0.02
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.
- risk 0.57cvss 9.8epss 0.06
Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object.
- risk 0.64cvss 9.8epss 0.03
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.
- risk 0.57cvss 9.8epss 0.04
The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter.
- risk 0.64cvss 9.8epss 0.02
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative…
- risk 0.70cvss 9.8epss 0.39
A buffer overflow vulnerability in NetTransport.exe in NetTransport Download Manager 2.96L and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long HTTP response.
- risk 0.64cvss 9.8epss 0.02
The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle parentheses, which allows remote attackers to conduct SQL injection attacks via unspecified vectors.
- risk 0.64cvss 9.8epss 0.01
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the seller-view.php usid parameter.
- risk 0.64cvss 9.8epss 0.01
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
- risk 0.64cvss 9.8epss 0.01
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.
- risk 0.58cvss 9.8epss 0.21
Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deserialization by default. During the deserialization process code is executed that for several known types has undesired side-effects. Other, unknown types…
- risk 0.71cvss 9.8epss 0.53
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
- risk 0.68cvss 9.8epss 0.50
cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware…
- risk 0.64cvss 9.8epss 0.07
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file…
- risk 0.64cvss 9.8epss 0.02
The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote attackers to bypass authentication and (1) enumerate users, (2) reset passwords, or (3) manipulate IP filter restrictions via crafted "privileged commands."
- risk 0.64cvss 9.8epss 0.03
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions < V2.03. The integrated web server (port 80/tcp) of the affected devices could allow an unauthenticated remote attacker to perform administrative operations over the network.
- risk 0.64cvss 9.8epss 0.01
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.
- risk 0.64cvss 9.8epss 0.01
PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.
- risk 0.64cvss 9.8epss 0.01
PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in fourn/index.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the socid parameter.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the rowid parameter.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
- risk 0.64cvss 9.8epss 0.01
Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI.
- risk 0.64cvss 9.8epss 0.01
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).
- risk 0.64cvss 9.8epss 0.04
An issue was discovered in Valve Steam Link build 643. When the SSH daemon is enabled for local development, the device is publicly available via IPv6 TCP port 22 over the internet (with stateless address autoconfiguration) by default, which makes it easier for remote attackers…
- risk 0.67cvss 9.8epss 0.03
The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.
- risk 0.67cvss 9.8epss 0.03
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.
- risk 0.67cvss 9.8epss 0.03
The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.
- risk 0.67cvss 9.8epss 0.03
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.
- risk 0.67cvss 9.8epss 0.03
The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.
- risk 0.68cvss 9.8epss 0.19
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.