|
252861
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6555
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252862
|
7.5 |
HIGH
Network
|
sagemcom
|
livebox_firmware
|
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6552
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252863
|
8.8 |
HIGH
Network
|
asus
|
rt-ac53_firmware
|
Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B…
|
CWE-287
Improper Authentication
|
CVE-2017-6549
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252864
|
9.8 |
CRITICAL
Network
|
asus
|
rt-ac53_firmware
|
Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-A…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6548
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252865
|
7.5 |
HIGH
Network
|
synchro
|
bbs
|
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
|
NVD-CWE-noinfo
|
CVE-2017-6371
|
2024-11-21 12:29 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252866
|
8.1 |
HIGH
Network
|
libgd
|
libgd
|
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since t…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6363
|
2024-11-21 12:29 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252867
|
6.1 |
MEDIUM
Network
|
paypal
|
adaptive_payments_sdk
|
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution
|
CWE-79
Cross-site Scripting
|
CVE-2017-6217
|
2024-11-21 12:29 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252868
|
6.1 |
MEDIUM
Network
|
novaksolutions
|
infusionsoft-php-sdk
|
novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in the leadscoring.php resulting code execution
|
CWE-79
Cross-site Scripting
|
CVE-2017-6216
|
2024-11-21 12:29 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252869
|
7.8 |
HIGH
Local
|
nvidia
|
vibrante_linux
|
NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclos…
|
CWE-20
Improper Input Validation
|
CVE-2017-6261
|
2024-11-21 12:29 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252870
|
5.3 |
MEDIUM
Network
|
wordpress
|
wordpress
|
WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "auth…
|
CWE-200
Information Exposure
|
CVE-2017-6514
|
2024-11-21 12:29 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
