|
248161
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings …
|
CWE-79
Cross-site Scripting
|
CVE-2017-6556
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248162
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6555
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248163
|
7.5 |
HIGH
Network
|
sagemcom
|
livebox_firmware
|
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-6552
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248164
|
8.8 |
HIGH
Network
|
asus
|
rt-ac53_firmware
|
Session hijack vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B…
|
CWE-287
Improper Authentication
|
CVE-2017-6549
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248165
|
9.8 |
CRITICAL
Network
|
asus
|
rt-ac53_firmware
|
Buffer overflows in networkmap on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-A…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6548
|
2024-11-21 12:30 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248166
|
7.5 |
HIGH
Network
|
synchro
|
bbs
|
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
|
NVD-CWE-noinfo
|
CVE-2017-6371
|
2024-11-21 12:29 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248167
|
8.1 |
HIGH
Network
|
libgd
|
libgd
|
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since t…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6363
|
2024-11-21 12:29 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248168
|
6.1 |
MEDIUM
Network
|
paypal
|
adaptive_payments_sdk
|
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution
|
CWE-79
Cross-site Scripting
|
CVE-2017-6217
|
2024-11-21 12:29 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248169
|
6.1 |
MEDIUM
Network
|
novaksolutions
|
infusionsoft-php-sdk
|
novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in the leadscoring.php resulting code execution
|
CWE-79
Cross-site Scripting
|
CVE-2017-6216
|
2024-11-21 12:29 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248170
|
7.8 |
HIGH
Local
|
nvidia
|
vibrante_linux
|
NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclos…
|
CWE-20
Improper Input Validation
|
CVE-2017-6261
|
2024-11-21 12:29 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
