|
248401
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must login to conduct the attack.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7256
|
2024-11-21 12:31 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248402
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must login to conduct the attack.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7255
|
2024-11-21 12:31 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248403
|
7.5 |
HIGH
Network
|
eclipse
|
tinydtls
|
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7243
|
2024-11-21 12:31 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248404
|
7.5 |
HIGH
Network
|
miele_professional
|
pst10_webserver
|
An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefor…
|
CWE-22
Path Traversal
|
CVE-2017-7240
|
2024-11-21 12:31 |
2017-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248405
|
6.1 |
MEDIUM
Network
|
piengine
|
pi
|
A Cross-Site Scripting (XSS) was discovered in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data (preview) passed to the "pi-develop/www/script/editor/…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7251
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248406
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (action) passed to the 'Gazelle-master/sections…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7250
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248407
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (action, userid) passed to the 'Gazell…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7249
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248408
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (type) passed to the 'Gazelle-master/sections/b…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7248
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248409
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
Multiple Cross-Site Scripting (XSS) were discovered in Gazelle before 2017-03-19. The vulnerabilities exist due to insufficient filtration of user-supplied data (torrents, size) passed to the 'Gazell…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7247
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248410
|
7.8 |
HIGH
Local
|
pcre
|
pcre
|
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unsp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7246
|
2024-11-21 12:31 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
