|
253201
|
6.1 |
MEDIUM
Network
|
postman-smtp_project
|
postman-smtp
|
The postman-smtp plugin through 2017-10-04 for WordPress has XSS via the wp-admin/tools.php?page=postman_email_log page parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18603
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253202
|
8.8 |
HIGH
Network
|
ibps_online_exam_project
|
ibps_online_exam
|
The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter.
|
CWE-89
SQL Injection
|
CVE-2017-18602
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253203
|
5.4 |
MEDIUM
Network
|
ibps_online_exam_project
|
ibps_online_exam
|
The examapp plugin 1.0 for WordPress has XSS via exam input text fields.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18601
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253204
|
5.4 |
MEDIUM
Network
|
ncrafts
|
formcraft
|
The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18600
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253205
|
6.1 |
MEDIUM
Network
|
pinfinity_project
|
pinfinity
|
The Pinfinity theme before 2.0 for WordPress has XSS via the s parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18599
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253206
|
6.1 |
MEDIUM
Network
|
designmodo
|
qards
|
The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18598
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253207
|
8.8 |
HIGH
Network
|
jtrt_responsive_tables_project
|
jtrt_responsive_tables
|
The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter.
|
CWE-89
SQL Injection
|
CVE-2017-18597
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253208
|
8.8 |
HIGH
Network
|
elementor
|
elementor_page_builder
|
The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions.
|
CWE-269
Improper Privilege Management
|
CVE-2017-18596
|
2024-11-21 12:20 |
2019-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253209
|
7.8 |
HIGH
Local
|
linux
opensuse
|
linux_kernel
leap
|
An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.
|
CWE-415
Double Free
|
CVE-2017-18595
|
2024-11-21 12:20 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253210
|
7.5 |
HIGH
Network
|
nmap
|
nmap
|
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-metho…
|
CWE-415
Double Free
|
CVE-2017-18594
|
2024-11-21 12:20 |
2019-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
