|
252931
|
6.1 |
MEDIUM
Network
|
opentext
|
documentum_administrator
documentum_webtop
|
Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the st…
|
CWE-601
Open Redirect
|
CVE-2017-14525
|
2024-11-21 12:12 |
2017-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252932
|
6.1 |
MEDIUM
Network
|
opentext
|
documentum_administrator
documentum_webtop
|
Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in…
|
CWE-601
Open Redirect
|
CVE-2017-14524
|
2024-11-21 12:12 |
2017-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252933
|
9.8 |
CRITICAL
Network
|
wpdevart
|
responsive_image_gallery_gallery_album
|
SQL injection vulnerability in the Responsive Image Gallery plugin before 1.2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "id" parameter in an add_edit_theme tas…
|
CWE-89
SQL Injection
|
CVE-2017-14125
|
2024-11-21 12:12 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252934
|
5.4 |
MEDIUM
Network
|
geminabox_project
|
geminabox
|
geminabox (aka Gem in a Box) before 0.13.6 has XSS, as demonstrated by uploading a gem file that has a crafted gem.homepage value in its .gemspec file.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14506
|
2024-11-21 12:12 |
2017-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252935
|
8.8 |
HIGH
Network
|
trendmicro
|
mobile_security
|
Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
|
CWE-77
Command Injection
|
CVE-2017-14081
|
2024-11-21 12:12 |
2017-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252936
|
9.8 |
CRITICAL
Network
|
trendmicro
|
mobile_security
|
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.
|
CWE-287
Improper Authentication
|
CVE-2017-14080
|
2024-11-21 12:12 |
2017-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252937
|
8.8 |
HIGH
Network
|
trendmicro
|
mobile_security
|
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-14079
|
2024-11-21 12:12 |
2017-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252938
|
9.8 |
CRITICAL
Network
|
trendmicro
|
mobile_security
|
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
|
CWE-89
SQL Injection
|
CVE-2017-14078
|
2024-11-21 12:12 |
2017-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252939
|
5.4 |
MEDIUM
Network
|
mirasvit
|
helpdesk_mx
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) cust…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14321
|
2024-11-21 12:12 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252940
|
8.0 |
HIGH
Network
|
mirasvit
|
helpdesk_mx
|
Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files.
|
CWE-20
Improper Input Validation
|
CVE-2017-14320
|
2024-11-21 12:12 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
