| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-8912 | 6.5 |
CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated
|
11-04-2024 - 00:59 | 12-05-2017 - 07:29 | |
| CVE-2016-10033 | 7.5 |
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
|
14-02-2024 - 14:56 | 30-12-2016 - 19:59 | |
| CVE-2007-3938 | 7.5 |
SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability
|
14-02-2024 - 01:17 | 21-07-2007 - 00:30 | |
| CVE-2017-7308 | 7.2 |
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
|
14-02-2023 - 18:32 | 29-03-2017 - 20:59 | |
| CVE-2016-10073 | 5.0 |
The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a passwo
|
11-07-2019 - 12:45 | 23-05-2017 - 04:29 | |
| CVE-2017-7269 | 10.0 |
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://
|
03-07-2019 - 17:25 | 27-03-2017 - 02:59 | |
| CVE-2010-2719 | 7.5 |
SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
17-08-2017 - 01:32 | 13-07-2010 - 18:30 | |
| CVE-2017-7478 | 5.0 |
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
|
16-08-2017 - 01:29 | 15-05-2017 - 18:29 | |
| CVE-2017-8852 | 6.8 |
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the
|
16-08-2017 - 01:29 | 10-05-2017 - 17:29 |