v.26.4.2314

Known Vulnerabilities

This page lists 14673 vulnerabilities in this category.

Critical: 1573 High: 3882 Medium: 8446 Low: 770 Information: 2

Vulnerability Name

CVE

CWE

Severity

Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7233)

CVE-2017-7233

CWE-601

Medium

Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7234)

CVE-2017-7234

CWE-601

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4969)

CVE-2011-4969

CWE-707

Medium

Moodle Improper Privilege Management Vulnerability (CVE-2017-7532)

CVE-2017-7532

CWE-269

Medium

concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6908)

CVE-2017-6908

CWE-707

Medium

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)

CVE-2017-7989

CWE-434

Medium

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7983)

CVE-2017-7983

CWE-200

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7984)

CVE-2017-7984

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7985)

CVE-2017-7985

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7986)

CVE-2017-7986

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7987)

CVE-2017-7987

CWE-707

Medium

Joomla CVE-2017-7988 Vulnerability (CVE-2017-7988)

CVE-2017-7988

-

Medium

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8052)

CVE-2017-8052

CWE-707

Medium

XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7944)

CVE-2017-7944

CWE-707

Medium

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8057)

CVE-2017-8057

CWE-200

Medium

concrete5 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8082)

CVE-2017-8082

CWE-352

Medium

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)

CVE-2017-8098

CWE-352

Medium

Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2011-4912)

CVE-2011-4912

CWE-732

Medium

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-8103)

CVE-2017-8103

CWE-707

Medium

MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-8104)

CVE-2017-8104

CWE-22

Medium

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)

CVE-2011-4920

CWE-707

Medium

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7890)

CVE-2017-7890

CWE-200

Medium

Nginx Improper Input Validation Vulnerability (CVE-2011-4968)

CVE-2011-4968

CWE-20

Medium

silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4958)

CVE-2011-4958

CWE-707

Medium

Nginx CVE-2011-4963 Vulnerability (CVE-2011-4963)

CVE-2011-4963

-

Medium

silverstripeCMS Improper Input Validation Vulnerability (CVE-2011-4962)

CVE-2011-4962

CWE-20

Medium

silverstripeCMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4961)

CVE-2011-4961

CWE-264

Medium

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559)

CVE-2017-7559

CWE-444

Medium

silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4959)

CVE-2011-4959

CWE-138

Medium

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7579)

CVE-2017-7579

CWE-707

Medium

WordPress Improper Input Validation Vulnerability (CVE-2011-4957)

CVE-2011-4957

CWE-20

Medium

e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921)

CVE-2011-4921

CWE-138

Medium

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4956)

CVE-2011-4956

CWE-707

Medium

e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)

CVE-2011-4947

CWE-352

Medium

e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4946)

CVE-2011-4946

CWE-138

Medium

Apache Tomcat Insufficient Verification of Data Authenticity Vulnerability (CVE-2017-7674)

CVE-2017-7674

CWE-345

Medium

concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7725)

CVE-2017-7725

CWE-707

Medium

Zope Web Application Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4924)

CVE-2011-4924

CWE-707

Medium

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7887)

CVE-2017-7887

CWE-707

Medium

Apache HTTP Server CVE-2012-0053 Vulnerability (CVE-2012-0053)

CVE-2012-0053

-

Medium

concrete5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-6905)

CVE-2017-6905

CWE-707

Medium

MySQL CVE-2017-3642 Vulnerability (CVE-2017-3642)

CVE-2017-3642

-

Medium

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5488)

CVE-2017-5488

CWE-707

Medium

MySQL CVE-2012-0485 Vulnerability (CVE-2012-0485)

CVE-2012-0485

-

Medium

Serendipity URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-5474)

CVE-2017-5474

CWE-601

Medium

MySQL CVE-2012-0484 Vulnerability (CVE-2012-0484)

CVE-2012-0484

-

Medium

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0325)

CVE-2012-0325

CWE-707

Medium

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0324)

CVE-2012-0324

CWE-707

Medium

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5487)

CVE-2017-5487

CWE-200

Medium

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5490)

CVE-2017-5490

CWE-707

Medium

silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5197)

CVE-2017-5197

CWE-707

Medium

WordPress Insecure Default Initialization of Resource Vulnerability (CVE-2017-5491)

CVE-2017-5491

CWE-1188

Medium

Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-0256)

CVE-2012-0256

CWE-119

Medium

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0145)

CVE-2012-0145

CWE-707

Medium

b2evolution Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5494)

CVE-2017-5494

CWE-707

Medium

Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)

CVE-2017-5524

CWE-134

Medium

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0144)

CVE-2012-0144

CWE-707

Medium

MySQL CVE-2012-0486 Vulnerability (CVE-2012-0486)

CVE-2012-0486

-

Medium

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3738)

CVE-2017-3738

CWE-200

Medium

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5608)

CVE-2017-5608

CWE-707

Medium

MySQL CVE-2017-3649 Vulnerability (CVE-2017-3649)

CVE-2017-3649

-

Medium

MySQL CVE-2017-3643 Vulnerability (CVE-2017-3643)

CVE-2017-3643

-

Medium

MySQL CVE-2017-3644 Vulnerability (CVE-2017-3644)

CVE-2017-3644

-

Medium

MySQL CVE-2017-3645 Vulnerability (CVE-2017-3645)

CVE-2017-3645

-

Medium

MySQL CVE-2017-3646 Vulnerability (CVE-2017-3646)

CVE-2017-3646

-

Medium

MySQL CVE-2017-3647 Vulnerability (CVE-2017-3647)

CVE-2017-3647

-

Medium

MySQL CVE-2017-3648 Vulnerability (CVE-2017-3648)

CVE-2017-3648

-

Medium

MySQL CVE-2017-3651 Vulnerability (CVE-2017-3651)

CVE-2017-3651

-

Medium

OpenSSL Out-of-bounds Write Vulnerability (CVE-2017-3737)

CVE-2017-3737

CWE-787

Medium

MySQL CVE-2017-3652 Vulnerability (CVE-2017-3652)

CVE-2017-3652

-

Medium

MySQL CVE-2012-0489 Vulnerability (CVE-2012-0489)

CVE-2012-0489

-

Medium

MySQL CVE-2012-0488 Vulnerability (CVE-2012-0488)

CVE-2012-0488

-

Medium

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3732)

CVE-2017-3732

CWE-200

Medium

MySQL CVE-2012-0487 Vulnerability (CVE-2012-0487)

CVE-2012-0487

-

Medium

OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-3735)

CVE-2017-3735

CWE-119

Medium

«
1
...
137
138
139
...
196
»