|
265061
|
7.0 |
HIGH
Local
|
bitdefender
|
total_security
|
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-priv…
|
CWE-415
Double Free
|
CVE-2017-10950
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265062
|
8.8 |
HIGH
Network
|
basercms
|
basercms
|
baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2017-10844
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265063
|
7.5 |
HIGH
Network
|
basercms
|
basercms
|
baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.
|
NVD-CWE-noinfo
|
CVE-2017-10843
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265064
|
9.8 |
CRITICAL
Network
|
basercms
|
basercms
|
SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-10842
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265065
|
4.9 |
MEDIUM
Network
|
webcalendar_project
|
webcalendar
|
Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2017-10841
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265066
|
6.1 |
MEDIUM
Network
|
webcalendar_project
|
webcalendar
|
Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10840
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265067
|
8.8 |
HIGH
Network
|
seopanel
|
seo_panel
|
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-10839
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265068
|
6.1 |
MEDIUM
Network
|
seopanel
|
seo_panel
|
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10838
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265069
|
6.1 |
MEDIUM
Network
|
backup-guard
|
backup_guard
|
Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10837
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265070
|
7.8 |
HIGH
Local
|
optim
|
optimal_guard
|
Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-10836
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
