|
254971
|
6.1 |
MEDIUM
Network
|
wso2
|
machine_learner
data_services_server
dashboard_server
complex_event_processor
business_rules_server
business_process_server
application_server
data_analytics_server
|
The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Da…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14995
|
2024-11-21 12:13 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254972
|
6.5 |
MEDIUM
Network
|
wordpress
debian
|
wordpress
debian_linux
|
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack u…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2017-14990
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254973
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from Free…
|
CWE-416
Use After Free
|
CVE-2017-14989
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254974
|
5.5 |
MEDIUM
Local
|
openexr
|
openexr
|
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputF…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-14988
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254975
|
5.4 |
MEDIUM
Network
|
eyesofnetwork
|
eyesofnetwork
|
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14985
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254976
|
5.4 |
MEDIUM
Network
|
eyesofnetwork
|
eyesofnetwork
|
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the bp_name parameter to /m…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14984
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254977
|
4.8 |
MEDIUM
Network
|
eyesofnetwork
|
eyesofnetwork
|
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the object paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14983
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254978
|
5.4 |
MEDIUM
Network
|
atutor
|
atutor
|
Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data (url in /mods/_standard/rss_feeds/edit_feed.php). An attacker could i…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14981
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254979
|
7.5 |
HIGH
Network
|
gxlcms
|
gxlcms
|
Gxlcms uses an unsafe character-replacement approach in an attempt to restrict access, which allows remote attackers to read arbitrary files via modified pathnames in the s parameter to index.php, re…
|
NVD-CWE-noinfo
|
CVE-2017-14979
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254980
|
8.8 |
HIGH
Network
|
dasinfomedia
|
wphrm_human_resource_management_system
|
WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.
|
CWE-89
SQL Injection
|
CVE-2017-14848
|
2024-11-21 12:13 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
