|
266961
|
7.8 |
HIGH
Local
|
mcafee
|
application_control
|
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code executi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8009
|
2024-11-21 11:58 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266962
|
8.8 |
HIGH
Local
|
mcafee
|
security_scan_plus
|
Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8008
|
2024-11-21 11:58 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266963
|
6.3 |
MEDIUM
Local
|
mcafee
|
host_intrusion_prevention_services
|
Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific condi…
|
CWE-284
Improper Access Control
|
CVE-2016-8007
|
2024-11-21 11:58 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266964
|
6.5 |
MEDIUM
Network
|
mcafee
|
email_gateway
|
File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-8005
|
2024-11-21 11:58 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266965
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7789
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266966
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7788
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266967
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the s…
|
CWE-89
SQL Injection
|
CVE-2016-7784
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266968
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7783
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266969
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter.
|
CWE-89
SQL Injection
|
CVE-2016-7782
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266970
|
9.8 |
CRITICAL
Network
|
exponentcms
|
exponent_cms
|
SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author paramet…
|
CWE-89
SQL Injection
|
CVE-2016-7781
|
2024-11-21 11:58 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
