CVEs from 2017
Total
11,611
critical
critical 1,650
high
high 5,043
medium
medium 4,169
low
low 159
% Critical
14.2%
% with KEV
0.7%
% with exploit
9.9%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-17573 | critical | 9.8 | 10.0 | 9y ago | FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter. | |||
| CVE-2017-17572 | critical | 9.8 | 10.0 | 9y ago | FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari. | |||
| CVE-2017-17571 | critical | 9.8 | 10.0 | 9y ago | FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter. | |||
| CVE-2017-17570 | critical | 9.8 | 10.0 | 9y ago | FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter. | |||
| CVE-2017-17560 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is… | |||
| CVE-2017-17111 | critical | 9.8 | 10.0 | 9y ago | Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request. | |||
| CVE-2017-17110 | critical | 9.8 | 10.0 | 9y ago | Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request. | |||
| CVE-2017-17055 | critical | 9.0 | 10.0 | 9y ago | Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.… | |||
| CVE-2017-16930 | critical | 9.8 | 10.0 | 9y ago | The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. Th… | |||
| CVE-2017-11282 | critical | 9.8 | 10.0 | 9y ago | Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier. | |||
| CVE-2017-11281 | critical | 9.8 | 10.0 | 9y ago | Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlie… | |||
| CVE-2017-16935 | critical | 9.8 | 10.0 | 9y ago | Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restrictions via a direct request to /plugins/core-ui/s… | |||
| CVE-2017-16934 | critical | 9.8 | 10.0 | 9y ago | The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this pas… | |||
| CVE-2017-12635 | critical | 9.8 | 10.0 | 9y ago | multiple issues in couchdb | |||
| CVE-2017-16783 | critical | 9.8 | 10.0 | 9y ago | In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter. | |||
| CVE-2017-16780 | critical | 9.8 | 10.0 | 9y ago | The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file. | |||
| CVE-2017-16562 | critical | 9.8 | 10.0 | 9y ago | The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and obtain administrative access via a "true" value f… | |||
| CVE-2017-11309 | critical | 9.6 | 10.0 | 9y ago | Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response. | |||
| CVE-2017-16543 | critical | 9.8 | 10.0 | 9y ago | Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter. | |||
| CVE-2017-15993 | critical | 9.8 | 10.0 | 9y ago | Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter. | |||
| CVE-2017-15992 | critical | 9.8 | 10.0 | 9y ago | Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php. | |||
| CVE-2017-15991 | critical | 9.8 | 10.0 | 9y ago | Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type,… | |||
| CVE-2017-15990 | critical | 9.8 | 10.0 | 9y ago | Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/. | |||
| CVE-2017-15989 | critical | 9.8 | 10.0 | 9y ago | Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action. | |||
| CVE-2017-15988 | critical | 9.8 | 10.0 | 9y ago | Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525. | |||
| CVE-2017-15987 | critical | 9.8 | 10.0 | 9y ago | Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter. | |||
| CVE-2017-15986 | critical | 9.8 | 10.0 | 9y ago | CPA Lead Reward Script allows SQL Injection via the username parameter. | |||
| CVE-2017-15985 | critical | 9.8 | 10.0 | 9y ago | Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter. | |||
| CVE-2017-15984 | critical | 9.8 | 10.0 | 9y ago | Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php. | |||
| CVE-2017-15983 | critical | 9.8 | 10.0 | 9y ago | MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | |||
| CVE-2017-15982 | critical | 9.8 | 10.0 | 9y ago | Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | |||
| CVE-2017-15981 | critical | 9.8 | 10.0 | 9y ago | Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing. | |||
| CVE-2017-15980 | critical | 9.8 | 10.0 | 9y ago | US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter. | |||
| CVE-2017-15979 | critical | 9.8 | 10.0 | 9y ago | Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter. | |||
| CVE-2017-15978 | critical | 9.8 | 10.0 | 9y ago | AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter. | |||
| CVE-2017-15977 | critical | 9.8 | 10.0 | 9y ago | Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | |||
| CVE-2017-15976 | critical | 9.8 | 10.0 | 9y ago | ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604. | |||
| CVE-2017-15975 | critical | 9.8 | 10.0 | 9y ago | Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461. | |||
| CVE-2017-15974 | critical | 9.8 | 10.0 | 9y ago | tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php. | |||
| CVE-2017-15973 | critical | 9.8 | 10.0 | 9y ago | Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. | |||
| CVE-2017-15972 | critical | 9.8 | 10.0 | 9y ago | SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15… | |||
| CVE-2017-15971 | critical | 9.8 | 10.0 | 9y ago | Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972. | |||
| CVE-2017-15970 | critical | 9.8 | 10.0 | 9y ago | PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter. | |||
| CVE-2017-15969 | critical | 9.8 | 10.0 | 9y ago | PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category. | |||
| CVE-2017-15968 | critical | 9.8 | 10.0 | 9y ago | MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter. | |||
| CVE-2017-15967 | critical | 9.8 | 10.0 | 9y ago | Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template. | |||
| CVE-2017-15966 | critical | 9.8 | 10.0 | 9y ago | The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php. | |||
| CVE-2017-15965 | critical | 9.8 | 10.0 | 9y ago | The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action. | |||
| CVE-2017-15964 | critical | 9.8 | 10.0 | 9y ago | Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI. | |||
| CVE-2017-15963 | critical | 9.8 | 10.0 | 9y ago | iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter. | |||
| CVE-2017-15962 | critical | 9.8 | 10.0 | 9y ago | iStock Management System 1.0 allows Arbitrary File Upload via user/profile. | |||
| CVE-2017-15961 | critical | 9.8 | 10.0 | 9y ago | iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php. | |||
| CVE-2017-15960 | critical | 9.8 | 10.0 | 9y ago | Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php. | |||
| CVE-2017-15959 | critical | 9.8 | 10.0 | 9y ago | Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576. | |||
| CVE-2017-15958 | critical | 9.8 | 10.0 | 9y ago | D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php. | |||
| CVE-2017-15222 | critical | 9.8 | 10.0 | 9y ago | Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. | |||
| CVE-2017-15081 | critical | 9.8 | 10.0 | 9y ago | In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php. | |||
| CVE-2017-15580 | critical | 9.8 | 10.0 | 9y ago | osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as… | |||
| CVE-2017-10366 | critical | 9.8 | 10.0 | 9y ago | Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.54, 8.55 and 8.56. Ea… | |||
| CVE-2017-14322 | critical | 9.8 | 10.0 | 9y ago | The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) prior to 6.1.6 allows remote attackers to bypass authentication and obtain administra… | |||
| CVE-2017-15579 | critical | 9.8 | 10.0 | 9y ago | In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php. | |||
| CVE-2017-12629 | critical | 9.8 | 10.0 | 9y ago | Remote code execution occurs in Apache Solr | |||
| CVE-2017-15220 | critical | 9.8 | 10.0 | 9y ago | Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary cod… | |||
| CVE-2017-14980 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. | |||
| CVE-2017-14089 | critical | 9.8 | 10.0 | 9y ago | An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and ca… | |||
| CVE-2017-14491 | critical | 9.8 | 10.0 | 9y ago | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | |||
| CVE-2017-6089 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parame… | |||
| CVE-2017-14493 | critical | 9.8 | 10.0 | 9y ago | Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. | |||
| CVE-2017-14492 | critical | 9.8 | 10.0 | 9y ago | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. | |||
| CVE-2017-14738 | critical | 9.8 | 10.0 | 9y ago | FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search f… | |||
| CVE-2017-14702 | critical | 9.8 | 10.0 | 9y ago | ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization. | |||
| CVE-2017-14507 | critical | 9.8 | 10.0 | 9y ago | Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_c… | |||
| CVE-2017-11120 | critical | 9.8 | 10.0 | 9y ago | On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2… | |||
| CVE-2017-14703 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/. | |||
| CVE-2017-14706 | critical | 9.8 | 10.0 | 9y ago | DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken … | |||
| CVE-2017-12930 | critical | 9.8 | 10.0 | 9y ago | SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password. | |||
| CVE-2017-12611 | critical | 9.8 | 10.0 | 9y ago | Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal | |||
| CVE-2017-6315 | critical | 9.8 | 10.0 | 9y ago | Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx. | |||
| CVE-2017-14143 | critical | 9.8 | 10.0 | 9y ago | The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and cons… | |||
| CVE-2017-14244 | critical | 9.8 | 10.0 | 9y ago | An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs wi… | |||
| CVE-2017-14243 | critical | 9.8 | 10.0 | 9y ago | An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials fr… | |||
| CVE-2017-13067 | critical | 9.8 | 10.0 | 9y ago | QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerabili… | |||
| CVE-2017-1002008 | critical | 9.8 | 10.0 | 9y ago | Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a use… | |||
| CVE-2017-1002003 | critical | 9.8 | 10.0 | 9y ago | Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com. | |||
| CVE-2017-1002002 | critical | 9.8 | 10.0 | 9y ago | Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/ | |||
| CVE-2017-1002001 | critical | 9.8 | 10.0 | 9y ago | Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com. | |||
| CVE-2017-1002000 | critical | 9.8 | 10.0 | 9y ago | Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check … | |||
| CVE-2017-14396 | critical | 9.8 | 10.0 | 9y ago | In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. | |||
| CVE-2017-9834 | critical | 9.8 | 10.0 | 9y ago | SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action… | |||
| CVE-2017-14147 | critical | 9.8 | 10.0 | 9y ago | An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link ht… | |||
| CVE-2017-3897 | critical | 9.8 | 10.0 | 9y ago | A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 all… | |||
| CVE-2017-13708 | critical | 9.8 | 10.0 | 9y ago | Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request. | |||
| CVE-2017-12965 | critical | 9.8 | 10.0 | 9y ago | Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web sessions via the PHPSESSID parameter. | |||
| CVE-2017-12787 | critical | 9.8 | 10.0 | 9y ago | A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an… | |||
| CVE-2017-12786 | critical | 9.8 | 10.0 | 9y ago | Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an op… | |||
| CVE-2017-12785 | critical | 9.8 | 10.0 | 9y ago | The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. Th… | |||
| CVE-2017-12943 | critical | 9.8 | 10.0 | 9y ago | D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the … | |||
| CVE-2017-11153 | critical | 9.8 | 10.0 | 9y ago | Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized p… | |||
| CVE-2017-11151 | critical | 9.8 | 10.0 | 9y ago | A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action. | |||
| CVE-2017-12478 | critical | 9.8 | 10.0 | 9y ago | It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw … |