|
263921
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-13058
|
2024-11-21 12:10 |
2017-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263922
|
6.1 |
MEDIUM
Network
|
phpmywind
|
phpmywind
|
PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, admin/message.php, and admin/message_update.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12984
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263923
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ot…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12983
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263924
|
5.5 |
MEDIUM
Local
|
uclouvain
|
openjpeg
|
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12982
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263925
|
9.8 |
CRITICAL
Network
|
nexusphp
|
nexusphp
|
NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action.
|
CWE-89
SQL Injection
|
CVE-2017-12981
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263926
|
6.1 |
MEDIUM
Network
|
dokuwiki
|
dokuwiki
|
DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that uses RSS or Atom data from an attacker-co…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12980
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263927
|
6.1 |
MEDIUM
Network
|
dokuwiki
|
dokuwiki
|
DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. An attacker can create or edit a wiki with this element to trigger Ja…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12979
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263928
|
5.4 |
MEDIUM
Network
|
cacti
|
cacti
|
lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12978
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263929
|
7.5 |
HIGH
Network
|
ccfile
|
cc_file_transfer
|
In Youngzsoft CCFile (aka CC File Transfer) 3.6, by sending a crafted HTTP request, it is possible for a malicious user to remotely crash the affected software. No authentication is required. An exam…
|
CWE-20
Improper Input Validation
|
CVE-2017-12784
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263930
|
7.2 |
HIGH
Network
|
10web
|
photo_gallery
|
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwg_edit_tag() in photo-gallery.php and edit_tag() in a…
|
CWE-89
SQL Injection
|
CVE-2017-12977
|
2024-11-21 12:10 |
2017-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
