|
249651
|
8.8 |
HIGH
Network
|
single_theater_booking_script_project
|
single_theater_booking_script
|
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
|
CWE-352
Origin Validation Error
|
CVE-2017-17939
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249652
|
4.8 |
MEDIUM
Network
|
single_theater_booking_script_project
|
single_theater_booking_script
|
PHP Scripts Mall Single Theater Booking has XSS via the admin/viewtheatre.php theatreid parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17938
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249653
|
6.1 |
MEDIUM
Network
|
vanguard_project
|
marketplace_digital_products_php
|
Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17937
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249654
|
8.8 |
HIGH
Network
|
vanguard_project
|
marketplace_digital_products_php
|
Vanguard Marketplace Digital Products PHP has CSRF via /search.
|
CWE-352
Origin Validation Error
|
CVE-2017-17936
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249655
|
9.8 |
CRITICAL
Network
|
allmediaserver
|
allmediaserver
|
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17932
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249656
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflo…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17935
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249657
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-17934
|
2024-11-21 12:19 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249658
|
6.1 |
MEDIUM
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
|
CWE-79
Cross-site Scripting
|
CVE-2017-17678
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249659
|
8.8 |
HIGH
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-17677
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249660
|
5.3 |
MEDIUM
Network
|
bmc
|
remedy_mid-tier
|
BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2017-17675
|
2024-11-21 12:18 |
2021-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
