|
246881
|
6.5 |
MEDIUM
Network
|
samba
redhat
debian
|
samba
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_server_tus
debian_lin…
|
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling sym…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9461
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246882
|
4.8 |
MEDIUM
Network
|
piwigo
|
piwigo
|
Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9452
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246883
|
6.1 |
MEDIUM
Network
|
flatcore
|
flatcore
|
Cross site scripting (XSS) vulnerability in pages.edit_form.php in flatCore 1.4.6 allows remote attackers to inject arbitrary JavaScript via the PATH_INFO in an acp.php URL, due to use of unsanitized…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9451
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246884
|
8.8 |
HIGH
Network
|
bigtreecms
|
bigtree_cms
|
SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. The attacker c…
|
CWE-89
SQL Injection
|
CVE-2017-9449
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246885
|
5.4 |
MEDIUM
Network
|
bigtreecms
|
bigtree_cms
|
Cross-site scripting (XSS) vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML via the description parameter. This issue exists in co…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9448
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246886
|
8.8 |
HIGH
Network
|
bigtreecms
|
bigtree_cms
|
BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script (modify user information), the index.php/admin/developer/packages/delete/ URI (remove packages), …
|
CWE-352
Origin Validation Error
|
CVE-2017-9444
|
2024-11-21 12:36 |
2017-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246887
|
8.8 |
HIGH
Network
|
bigtreecms
|
bigtree_cms
|
BigTree CMS through 4.2.18 allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. This issue exists in core\admin\modu…
|
CWE-89
SQL Injection
|
CVE-2017-9443
|
2024-11-21 12:36 |
2017-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246888
|
6.1 |
MEDIUM
Network
|
sunnythemes
|
spiffy_calendar
|
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9420
|
2024-11-21 12:36 |
2017-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246889
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-9440
|
2024-11-21 12:36 |
2017-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246890
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-9439
|
2024-11-21 12:36 |
2017-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
