|
249631
|
7.5 |
HIGH
Network
|
imagemagick
|
imagemagick
|
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6497
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249632
|
9.8 |
CRITICAL
Network
|
flexense
|
sysgauge
|
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6416
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249633
|
8.1 |
HIGH
Network
|
wepresent
|
wipg-1500_firmware
|
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device u…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-6351
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249634
|
6.1 |
MEDIUM
Network
|
dotclear
|
dotclear
|
XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6446
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249635
|
7.2 |
HIGH
Network
|
admidio
|
admidio
|
SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is concatenated into a SQL query without any input validation/sanitization.
|
CWE-89
SQL Injection
|
CVE-2017-6492
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249636
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (tooltip_id, callback, args, cid) passed to…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6491
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249637
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (cid, value, element, mode, tab, form_name,…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6490
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249638
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (element, state, cat, id, cid) passed to th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6489
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249639
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (visible, tab, cid) passed to the EPESI-mas…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6488
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249640
|
6.1 |
MEDIUM
Network
|
epesi
|
epesi
|
Multiple Cross-Site Scripting (XSS) issues were discovered in EPESI 1.8.1.1. The vulnerabilities exist due to insufficient filtration of user-supplied data (state, element, id, tab, cid) passed to th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6487
|
2024-11-21 12:29 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
