|
250061
|
6.1 |
MEDIUM
Network
|
flipbuilder
|
flip_pdf
|
Cross-site scripting (XSS) vulnerability in FlipBuilder Flip PDF allows remote attackers to inject arbitrary web script or HTML via the currentHTMLURL parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7384
|
2024-11-21 12:31 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250062
|
6.1 |
MEDIUM
Network
|
contiki-os
|
contiki
|
An issue was discovered in Contiki Operating System 3.0. A Persistent XSS vulnerability is present in the MQTT/IBM Cloud Config page (aka mqtt.html) of cc26xx-web-demo. The cc26xx-web-demo features a…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7296
|
2024-11-21 12:31 |
2017-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250063
|
7.5 |
HIGH
Network
|
contiki-os
|
contiki
|
An issue was discovered in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structur…
|
CWE-416
Use After Free
|
CVE-2017-7295
|
2024-11-21 12:31 |
2017-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250064
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortiportal
|
An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute unauthorized code or commands via the url parameter.
|
CWE-601
Open Redirect
|
CVE-2017-7343
|
2024-11-21 12:31 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250065
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortiportal
|
A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add R…
|
CWE-79
Cross-site Scripting
|
CVE-2017-7339
|
2024-11-21 12:31 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250066
|
7.5 |
HIGH
Network
|
fortinet
|
fortiportal
|
A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View.
|
CWE-200
Information Exposure
|
CVE-2017-7338
|
2024-11-21 12:31 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250067
|
9.1 |
CRITICAL
Network
|
fortinet
|
fortiportal
|
An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen ses…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-7337
|
2024-11-21 12:31 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250068
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager_core_package
|
NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving error messages.
|
CWE-200
Information Exposure
|
CVE-2017-7439
|
2024-11-21 12:31 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250069
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_unified_manager_core_package
|
SQL injection vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-7236
|
2024-11-21 12:31 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250070
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7288
|
2024-11-21 12:31 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
