|
266021
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the ta…
|
CWE-78
OS Command
|
CVE-2017-10951
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266022
|
7.0 |
HIGH
Local
|
bitdefender
|
total_security
|
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-priv…
|
CWE-415
Double Free
|
CVE-2017-10950
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266023
|
8.8 |
HIGH
Network
|
basercms
|
basercms
|
baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2017-10844
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266024
|
7.5 |
HIGH
Network
|
basercms
|
basercms
|
baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form.
|
NVD-CWE-noinfo
|
CVE-2017-10843
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266025
|
9.8 |
CRITICAL
Network
|
basercms
|
basercms
|
SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-10842
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266026
|
4.9 |
MEDIUM
Network
|
webcalendar_project
|
webcalendar
|
Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2017-10841
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266027
|
6.1 |
MEDIUM
Network
|
webcalendar_project
|
webcalendar
|
Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10840
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266028
|
8.8 |
HIGH
Network
|
seopanel
|
seo_panel
|
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2017-10839
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266029
|
6.1 |
MEDIUM
Network
|
seopanel
|
seo_panel
|
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10838
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266030
|
6.1 |
MEDIUM
Network
|
backup-guard
|
backup_guard
|
Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10837
|
2024-11-21 12:06 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
