|
266491
|
8.8 |
HIGH
Network
|
basercms
|
basercms
|
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2016-4881
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266492
|
5.4 |
MEDIUM
Network
|
basercms
|
basercms
|
Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4880
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266493
|
8.8 |
HIGH
Network
|
basercms
|
basercms
mail
|
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2016-4879
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266494
|
8.8 |
HIGH
Network
|
basercms
|
basercms
|
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2016-4878
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266495
|
5.4 |
MEDIUM
Network
|
basercms
|
basercms
mail
|
Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4877
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266496
|
8.8 |
HIGH
Network
|
basercms
|
basercms
|
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspeci…
|
CWE-352
Origin Validation Error
|
CVE-2016-4876
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266497
|
7.5 |
HIGH
Network
|
dena
|
h2o
|
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redire…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2016-4864
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266498
|
6.1 |
MEDIUM
Network
|
splunk
|
splunk
|
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk…
|
CWE-601
Open Redirect
|
CVE-2016-4859
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266499
|
4.8 |
MEDIUM
Network
|
splunk
|
splunk
|
Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11,…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4858
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266500
|
6.1 |
MEDIUM
Network
|
splunk
|
splunk
|
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redire…
|
CWE-601
Open Redirect
|
CVE-2016-4857
|
2024-11-21 11:53 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
