Prophaze
  • What is Prophaze AppSec Platform? How it works?
    • Performance
    • SSL Termination
    • Modes of Operation
  • Prophaze AppSec Best Practices
  • Application Onboarding
    • Account Creation
    • Deployment Models
      • Cloud
      • On-Premise
      • Kubernetes Deployment
    • Multi-Cloud Setup
  • DASHBOARD UI OVERVIEW
    • Dashboard
    • Traffic Analysis
    • API Security
    • Attack Analytics
    • DDOS Attacks
    • Rules Page
    • Bot Mitigation
    • Anomaly Detection
    • Reporting
    • Attack Types
    • Incidents
    • AppSec Toggle Mode
    • SSL Certificate
  • HTTP Support
    • Encoding Types
    • Protocol Validation
  • Protection Use Cases
    • HTTP Protocol Violation
    • Protocol Anomalies
    • Bot Detection
    • Injection Prevention
    • HTTP Request Smuggling
    • HTTP Response Splitting
    • XSS Prevention
    • LFI and RFI
    • Session Fixation
    • SQL Injection Prevention
    • Layer 7 Dos Attack Prevention
    • PHP Application Protection
  • Detection Techniques
    • Normalization
    • Negative Security Model
    • Signature and Rule Database
  • FAQ
    • Onboarding Process
    • Dashboard Terminology
    • Attack Section
    • Rule Set
    • Traffic 360: General Traffic Logs
    • ML Based Bot Mitigation
    • Generating Reports
    • Anomaly Detection
    • General
  • Software Updates
    • Release Notes v2.3.0
  • Release Notes v2.4.0
  • Release Notes v2.5.0
  • API Security Dashboard
    • API Security Features of Prophaze
    • API security scoring
    • Host-Based API Quality Score
    • How to Enable API Security and Dashboard
    • API Security Section
  • CVE
    • CVE-2024
    • CVE-2023
    • CVE-2022
    • CVE-2021
    • CVE-2020
    • CVE-2019
    • CVE-2018
    • CVE-2017
    • CVE-2012
    • CVE-2011
    • CVE-2009
    • CVE-2008
    • CVE-2001
Powered by GitBook
On this page

Was this helpful?

  1. CVE

CVE-2017

CVE
CVE Description
Reference

CVE-2017-11471

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.

CVE-2017-11502

Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321.

CVE-2017-11467

OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.

CVE-2017-3897

A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response.

CVE-2017-12854

No summary available for this CVE

CVE-2017-7950

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file.

CVE-2017-14335

On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change.

CVE-2017-13068

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.

CVE-2017-15579

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.

CVE-2017-14960

xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.

CVE-2017-16934

The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content=/dev/mtdblock/5 request, and then using this password for the HTTP Basic Authentication needed for a change_password.csp request, which supports a "<%%25call system.exec:" string in the passwd parameter.

CVE-2017-16935

Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restrictions via a direct request to /plugins/core-ui/servercomm/messages.xml, as demonstrated by changing the admin password by obtaining account details via a users/search.json request, and then modifying the account via an editUser request.

CVE-2017-16716

A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.

CVE-2017-17612

Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.

CVE-2017-16921

In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.

CVE-2017-15374

Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the customer and orders section of the backend. The execution occurs in the administrator backend listing when processing a preview of the customers (kunden) or orders (bestellungen). The injection can be performed interactively via user registration or by manipulation of the order information inputs. The issue can be exploited by low privileged user accounts against higher privileged (admin or moderator) accounts.

CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.

CVE-2017-17976

In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.

CVE-2017-17970

Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php.

CVE-2017-9554

An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.

CVE-2017-7997

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.

CVE-2017-17098

The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a login request.

CVE-2017-17875

The JEXTN FAQ Pro extension 4.0.0 for Joomla! has SQL Injection via the id parameter in a view=category action.

CVE-2017-17721

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.

CVE-2017-17752

Ability Mail Server 3.3.2 has Cross Site Scripting (XSS) via the body of an e-mail message, with JavaScript code executed on the Read Mail screen (aka the /_readmail URI). This is fixed in version 4.2.4.

CVE-2017-17739

The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.

CVE-2017-17672

In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.

CVE-2017-10682

SQL injection vulnerability in the administrative backend in Piwigo through 2.9.1 allows remote users to execute arbitrary SQL commands via the cat_false or cat_true parameter in the comments or status page to cat_options.php.

CVE-2017-17645

Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.

CVE-2017-17643

FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.

CVE-2017-17651

Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.

CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter.

CVE-2017-16787

The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.

CVE-2017-17872

The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.

CVE-2017-17871

The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.

CVE-2017-17870

The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.

CVE-2017-17873

Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.

CVE-2017-17642

Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.

CVE-2017-17641

Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter.

CVE-2017-17640

Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.

CVE-2017-17640

Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.

CVE-2017-17639

Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter.

CVE-2017-17638

Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.

CVE-2017-17637

Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.

CVE-2017-17636

MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter.

CVE-2017-17635

MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter.

CVE-2017-17604

Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.

CVE-2017-17603

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.

CVE-2017-17634

Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.

CVE-2017-17633

Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter.

CVE-2017-17632

Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.

CVE-2017-17631

Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter.

CVE-2017-17628

Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.

CVE-2017-17627

Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.

CVE-2017-17626

Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter.

CVE-2017-17625

Professional Service Script 1.0 has SQL Injection via the service-list city parameter.

CVE-2017-17624

PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.

CVE-2017-17623

Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.

CVE-2017-17622

Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.

CVE-2017-17621

Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.

CVE-2017-17620

Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.

CVE-2017-17619

Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.

CVE-2017-17629

Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.

CVE-2017-17618

Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.

CVE-2017-17617

Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.

CVE-2017-17612

Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.

CVE-2017-17613

Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.

CVE-2017-17630

Yoga Class Script 1.0 has SQL Injection via the /list city parameter.

CVE-2017-17614

Food Order Script 1.0 has SQL Injection via the /list city parameter.

CVE-2017-17615

Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.

CVE-2017-17616

Event Search Script 1.0 has SQL Injection via the /event-list city parameter.

CVE-2017-17648

Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.

CVE-2017-17610

E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.

CVE-2017-17611

Doctor Search Script 1.0 has SQL Injection via the /list city parameter.

CVE-2017-17596

Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.

CVE-2017-17605

Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.

CVE-2017-17606

Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter.

CVE-2017-17607

CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.

CVE-2017-17608

Child Care Script 1.0 has SQL Injection via the /list city parameter.

CVE-2017-17609

Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.

CVE-2017-17601

Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.

CVE-2017-17597

Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.

CVE-2017-17595

Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.

CVE-2017-17600

Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

CVE-2017-17598

Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.

CVE-2017-17599

Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.

CVE-2017-17602

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.

CVE-2017-17571

FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.

CVE-2017-17570

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.

CVE-2017-8841

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-8840

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-8839

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-8838

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-8837

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-8836

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-8835

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

CVE-2017-9414

Cross-site request forgery (CSRF) vulnerability in the Subscribe to Podcast feature in Subsonic 6.1.1 allows remote attackers to hijack the authentication of unspecified victims for requests that conduct cross-site scripting (XSS) attacks or possibly have unspecified other impact via the name parameter to playerSettings.view.

CVE-2017-6529

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.

CVE-2017-17577

FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.

CVE-2017-17572

FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.

CVE-2017-17574

FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.

CVE-2017-17578

FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.

CVE-2017-17573

FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.

CVE-2017-17579

FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.

CVE-2017-17576

FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.

CVE-2017-17575

FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.

CVE-2017-17582

FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter.

CVE-2017-17588

FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.

CVE-2017-17587

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.

CVE-2017-17580

FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.

CVE-2017-17584

FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter.

CVE-2017-17585

FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.

CVE-2017-17586

FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.

CVE-2017-17581

FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter.

CVE-2017-17583

FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter.

CVE-2017-17590

FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.

CVE-2017-17589

FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.

CVE-2017-17591

Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.

CVE-2017-17592

Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.

CVE-2017-17594

DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.

CVE-2017-17111

Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.

CVE-2017-17110

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.

CVE-2017-17055

Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.

CVE-2017-16884

Cross-site scripting (XSS) vulnerability in MistServer before 2.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.

CVE-2017-16962

The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details field of a Google Calendar invitation, (2) a crafted Outlook.com calendar (aka Hotmail Calendar) invitation, (3) e-mail granting access to a directory that has JavaScript in its name, (4) JavaScript in a note name, (5) JavaScript in a task name, or (6) HTML e-mail that is mishandled in the Inbox component.

CVE-2017-16819

A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbitrary JavaScript in the nameFirst (aka First Name) field for the employee details page (/employee.html) that is then reflected in multiple pages where that field data is utilized, resulting in session hijacking and possible elevation of privileges.

CVE-2017-16843

Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic.

CVE-2017-16841

LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.

CVE-2017-16781

The installer in MyBB before 1.8.13 has XSS.

CVE-2017-16780

The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file.

CVE-2017-16543

Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.

CVE-2017-16568

Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a radio URL.

CVE-2017-16567

Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a "favorite."

CVE-2017-3548

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).

CVE-2017-15958

D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.

CVE-2017-15959

Adult Script Pro 2.2.4 allows SQL Injection via the PATH_INFO to a /download URI, a different vulnerability than CVE-2007-6576.

CVE-2017-15960

Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.

CVE-2017-15961

iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.

CVE-2017-15963

iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.

CVE-2017-15964

Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.

CVE-2017-15965

The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.

CVE-2017-15968

MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.

CVE-2017-15969

PG All Share Video 1.0 allows SQL Injection via the PATH_INFO to search/tag, friends/index, users/profile, or video_catalog/category.

CVE-2017-15970

PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter.

CVE-2017-15971

Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.

CVE-2017-15972

SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971.

CVE-2017-15973

Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php.

CVE-2017-15974

tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.

CVE-2017-15975

Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461.

CVE-2017-15976

ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.

CVE-2017-15977

Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.

CVE-2017-15978

AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.

CVE-2017-15979

Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter.

CVE-2017-15980

US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter.

CVE-2017-15981

Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.

CVE-2017-15982

Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.

CVE-2017-15983

MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.

CVE-2017-15984

Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.

CVE-2017-15985

Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.

CVE-2017-15986

CPA Lead Reward Script allows SQL Injection via the username parameter.

CVE-2017-15987

Fake Magazine Cover Script allows SQL Injection via the rate.php value parameter or the content.php id parameter.

CVE-2017-15988

Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525.

CVE-2017-15989

Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action.

CVE-2017-15991

Vastal I-Tech Agent Zone (aka The Real Estate Script) allows SQL Injection in searchCommercial.php via the property_type, city, or posted_by parameter, or searchResidential.php via the property_type, city, or bedroom parameter, a different vulnerability than CVE-2008-3951, CVE-2009-3497, and CVE-2012-0982.

CVE-2017-15992

Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.

CVE-2017-15993

Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.

CVE-2017-15727

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.

CVE-2017-15081

In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.

CVE-2017-5223

An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative image URLs get treated as absolute local file paths and added as attachments. To form a remote vulnerability, the msgHTML method must be called, passed an unfiltered, user-supplied HTML document, and must not set a base directory.

CVE-2017-15878

A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature.

CVE-2017-15879

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export.

CVE-2017-14143

The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP code via a crafted userzone cookie.

CVE-2017-15687

DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI.

CVE-2017-15291

Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering page in TP-LINK TL-MR3220 wireless routers allows remote attackers to inject arbitrary web script or HTML via the Description field.

CVE-2017-15359

In the 3CX Phone System 15.5.3554.1, the Management Console typically listens to port 5001 and is prone to a directory traversal attack: "/api/RecordingList/DownloadRecord?file=" and "/api/SupportInfo?file=" are the vulnerable parameters. An attacker must be authenticated to exploit this issue to access sensitive information to aid in subsequent attacks.

CVE-2017-14619

Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.

CVE-2017-15287

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI.

CVE-2017-12479

It was discovered that an issue in the session logic in Unitrends Backup (UB) before 10.0.0 allowed using the LOGDIR environment variable during a web session to elevate an existing low-privilege user to root privileges. A remote attacker with existing low-privilege credentials could then execute arbitrary commands with root privileges.

CVE-2017-12615

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

CVE-2017-14717

In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.

CVE-2017-14758

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xAdmin/html/cm_doclist_view_uc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first.

CVE-2017-14757

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an attacker must authenticate to the application first.

CVE-2017-6089

SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to calendar/deletecalendar.php.

CVE-2017-14848

WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.

CVE-2017-14620

SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.

CVE-2017-14738

FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).

CVE-2017-14848

WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.

CVE-2017-14620

SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data/Reports/ReferringURLsWithQueries resulting in Stored Cross Site Scripting.

CVE-2017-14738

FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).

CVE-2017-14847

Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.

CVE-2017-14843

Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.

CVE-2017-14846

Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.

CVE-2017-14844

Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.

CVE-2017-14845

Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.

CVE-2017-14842

Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter.

CVE-2017-14507

Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_class.php; or the id parameter to (2) pages/content_timeline_edit.php or (3) pages/content_timeline_index.php.

CVE-2017-14703

SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/.

CVE-2017-14618

Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action.

CVE-2017-12930

SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.

CVE-2017-9798

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.

CVE-2017-11435

The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating the session token while returning answers for some methods in url '/api'. An attacker can use this vulnerability to retrieve sensitive information such as private/public IP addresses, SSID names, and passwords.

CVE-2017-14396

In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php.

CVE-2017-14219

XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. The attack vector is a crafted ESSID, as demonstrated by an "airbase-ng -e" command.

CVE-2017-14126

The Participants Database plugin before 1.7.5.10 for WordPress has XSS.

CVE-2017-13754

Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.html.

CVE-2017-13713

T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.

CVE-2017-12943

D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.

CVE-2017-8770

There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter.

CVE-2017-12984

PHPMyWind 5.3 has XSS in shoppingcart.php, related to message.php, admin/message.php, and admin/message_update.php.

CVE-2017-12971

Cross-site scripting (XSS) vulnerability in Apache2Triad 1.5.4 allows remote attackers to inject arbitrary web script or HTML via the account parameter to phpsftpd/users.php.

CVE-2017-6327

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.

CVE-2017-9979

On the OSNEXUS QuantaStor v4 virtual appliance before 4.3.1, if the REST call invoked does not exist, an error will be triggered containing the invalid method previously invoked. The response sent to the user isn't sanitized in this case. An attacker can leverage this issue by including arbitrary HTML or JavaScript code as a parameter, aka XSS.

CVE-2017-9767

Multiple cross-site scripting (XSS) vulnerabilities in Quali CloudShell before 8 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Name or (2) Description parameter to RM/Reservation/ReserveNew; the (3) Description parameter to RM/Topology/Update; the (4) Name, (5) Description, (6) ExecutionBatches[0].Name, (7) ExecutionBatches[0].Description, or (8) Labels parameter to SnQ/JobTemplate/Edit; or (9) Alias or (10) Description parameter to RM/AbstractTemplate/AddOrUpdateAbstractTemplate.

CVE-2017-11155

An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors.

CVE-2017-11320

Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router.

CVE-2017-11494

SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a login action.

CVE-2017-3133

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN.

CVE-2017-11346

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.

CVE-2017-11356

The application distribution export functionality in PEGA Platform 7.2 ML0 and earlier allows remote authenticated users with certain privileges to obtain sensitive configuration information by leveraging a missing access control.

CVE-2017-7175

NfSen before 1.3.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the customfmt parameter (aka the "Custom output format" field).

CVE-2017-6971

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862.

CVE-2017-9834

SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.

CVE-2017-9833

/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one type of camera) because Boa does not include any wapopen program or any code to read a FILECAMERA variable.

CVE-2017-9813

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

CVE-2017-9812

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

CVE-2017-9811

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

CVE-2017-9810

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

CVE-2017-9730

SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter.

CVE-2017-9429

SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.

CVE-2017-9603

SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php.

CVE-2017-9418

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.

CVE-2017-9516

Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file.

CVE-2017-2528

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with cached frames.

CVE-2017-2510

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with pageshow events.

CVE-2017-2508

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with container nodes.

CVE-2017-2504

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with WebKit Editor commands.

CVE-2017-5631

An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.

CVE-2017-8917

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2017-7953

INFOR EAM V11.0 Build 201410 has XSS via comment fields.

CVE-2017-7952

INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter.

CVE-2017-8912

CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a bug.

CVE-2017-7981

Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this value, even with shell metacharacters, as demonstrated by a '<?plugin SyntaxHighlighter syntax="c;id"' line to execute the id command.

CVE-2017-5799

A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).

CVE-2017-3549

Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Scripting accessible data as well as unauthorized access to critical data or complete access to all Oracle Scripting accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).

CVE-2017-2479

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

CVE-2017-2480

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

CVE-2017-6361

QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors.

CVE-2017-6190

Directory traversal vulnerability in the web interface on the D-Link DWR-116 device with firmware before V1.05b09 allows remote attackers to read arbitrary files via a .. (dot dot) in a "GET /uir/" request.

CVE-2017-2641

In Moodle 2.x and 3.x, SQL injection can occur via user preferences.

CVE-2017-2445

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects.

CVE-2017-6884

A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.

CVE-2017-6088

Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5) type parameter to monitoring_ged/ajax.php.

CVE-2017-6087

EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.php or the (4) module parameter to module/index.php.

CVE-2017-6550

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData.

CVE-2017-6547

Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12+, RT-N12E B1, RT-AC3200, RT-AC53U, RT-AC1750, RT-AC1900P, RT-N300, and RT-AC750 routers with firmware before 3.0.0.4.380.7378; RT-AC68W routers with firmware before 3.0.0.4.380.7266; and RT-N600, RT-N12+ B1, RT-N11P B1, RT-N12VP B1, RT-N12E C1, RT-N300 B1, and RT-N12+ Pro routers with firmware before 3.0.0.4.380.9488 allows remote attackers to inject arbitrary JavaScript by requesting filenames longer than 50 characters.

CVE-2017-6443

Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.

CVE-2017-2371

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.

CVE-2017-6098

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.

CVE-2017-5344

An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new class, SQLUtil (main/java/com/dotmarketing/common/util/SQLUtil.java), as part of the remediation of CVE-2016-8902; however, these can be overcome in the case of the q and inode parameters to the /categoriesServlet path. Overcoming these controls permits a number of blind boolean SQL injection vectors in either parameter. The /categoriesServlet web path can be accessed remotely and without authentication in a default dotCMS deployment.

CVE-2017-5174

An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution.

CVE-2017-16836

Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.

CVE-2017-15367

Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.

CVE-2017-16716

A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.

CVE-2017-17612

Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.

CVE-2017-15374

Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the customer and orders section of the backend. The execution occurs in the administrator backend listing when processing a preview of the customers (kunden) or orders (bestellungen). The injection can be performed interactively via user registration or by manipulation of the order information inputs. The issue can be exploited by low privileged user accounts against higher privileged (admin or moderator) accounts.

CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.

CVE-2017-17970

Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php.

CVE-2017-7997

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.

PreviousCVE-2018NextCVE-2012

Last updated 1 month ago

Was this helpful?

https://www.exploit-db.com/exploits/44071
https://www.exploit-db.com/exploits/44070
https://www.exploit-db.com/exploits/44068
https://www.exploit-db.com/exploits/44067
https://www.exploit-db.com/exploits/44065
https://www.exploit-db.com/exploits/44063
https://www.exploit-db.com/exploits/44061
https://www.exploit-db.com/exploits/44060
https://www.exploit-db.com/exploits/44056
https://www.exploit-db.com/exploits/43422
https://www.exploit-db.com/exploits/44051
https://www.exploit-db.com/exploits/44050
https://www.exploit-db.com/exploits/43928
https://www.exploit-db.com/exploits/43916
https://www.exploit-db.com/exploits/43853
https://www.exploit-db.com/exploits/43849
https://www.exploit-db.com/exploits/43591
https://www.exploit-db.com/exploits/43590
https://www.exploit-db.com/exploits/43477
https://www.exploit-db.com/exploits/43455
https://www.exploit-db.com/exploits/43447
https://www.exploit-db.com/exploits/43431
https://www.exploit-db.com/exploits/43393
https://www.exploit-db.com/exploits/43379
https://www.exploit-db.com/exploits/43378
https://www.exploit-db.com/exploits/43364
https://www.exploit-db.com/exploits/43362
https://www.exploit-db.com/exploits/43337
https://www.exploit-db.com/exploits/43336
https://www.exploit-db.com/exploits/43335
https://www.exploit-db.com/exploits/43334
https://www.exploit-db.com/exploits/43333
https://www.exploit-db.com/exploits/43332
https://www.exploit-db.com/exploits/43330
https://www.exploit-db.com/exploits/43329
https://www.exploit-db.com/exploits/43323
https://www.exploit-db.com/exploits/43316
https://www.exploit-db.com/exploits/43314
https://www.exploit-db.com/exploits/43312
https://www.exploit-db.com/exploits/43311
https://www.exploit-db.com/exploits/43311
https://www.exploit-db.com/exploits/43310
https://www.exploit-db.com/exploits/43309
https://www.exploit-db.com/exploits/43308
https://www.exploit-db.com/exploits/43307
https://www.exploit-db.com/exploits/43306
https://www.exploit-db.com/exploits/43305
https://www.exploit-db.com/exploits/43304
https://www.exploit-db.com/exploits/43302
https://www.exploit-db.com/exploits/43301
https://www.exploit-db.com/exploits/43300
https://www.exploit-db.com/exploits/43299
https://www.exploit-db.com/exploits/43297
https://www.exploit-db.com/exploits/43296
https://www.exploit-db.com/exploits/43295
https://www.exploit-db.com/exploits/43294
https://www.exploit-db.com/exploits/43293
https://www.exploit-db.com/exploits/43292
https://www.exploit-db.com/exploits/43291
https://www.exploit-db.com/exploits/43290
https://www.exploit-db.com/exploits/43289
https://www.exploit-db.com/exploits/43288
https://www.exploit-db.com/exploits/43287
https://www.exploit-db.com/exploits/43286
https://www.exploit-db.com/exploits/43285
https://www.exploit-db.com/exploits/43284
https://www.exploit-db.com/exploits/43283
https://www.exploit-db.com/exploits/43282
https://www.exploit-db.com/exploits/43281
https://www.exploit-db.com/exploits/43280
https://www.exploit-db.com/exploits/43279
https://www.exploit-db.com/exploits/43278
https://www.exploit-db.com/exploits/43277
https://www.exploit-db.com/exploits/43276
https://www.exploit-db.com/exploits/43275
https://www.exploit-db.com/exploits/43274
https://www.exploit-db.com/exploits/43273
https://www.exploit-db.com/exploits/43272
https://www.exploit-db.com/exploits/43271
https://www.exploit-db.com/exploits/43270
https://www.exploit-db.com/exploits/43269
https://www.exploit-db.com/exploits/43268
https://www.exploit-db.com/exploits/43267
https://www.exploit-db.com/exploits/43266
https://www.exploit-db.com/exploits/43265
https://www.exploit-db.com/exploits/43264
https://www.exploit-db.com/exploits/43263
https://www.exploit-db.com/exploits/43262
https://www.exploit-db.com/exploits/43261
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42130
https://www.exploit-db.com/exploits/42120
https://www.exploit-db.com/exploits/41578
https://www.exploit-db.com/exploits/43260
https://www.exploit-db.com/exploits/43259
https://www.exploit-db.com/exploits/43258
https://www.exploit-db.com/exploits/43257
https://www.exploit-db.com/exploits/43256
https://www.exploit-db.com/exploits/43255
https://www.exploit-db.com/exploits/43254
https://www.exploit-db.com/exploits/43253
https://www.exploit-db.com/exploits/43252
https://www.exploit-db.com/exploits/43251
https://www.exploit-db.com/exploits/43250
https://www.exploit-db.com/exploits/43249
https://www.exploit-db.com/exploits/43246
https://www.exploit-db.com/exploits/43245
https://www.exploit-db.com/exploits/43244
https://www.exploit-db.com/exploits/43243
https://www.exploit-db.com/exploits/43242
https://www.exploit-db.com/exploits/43241
https://www.exploit-db.com/exploits/43240
https://www.exploit-db.com/exploits/43239
https://www.exploit-db.com/exploits/43238
https://www.exploit-db.com/exploits/43235
https://www.exploit-db.com/exploits/43212
https://www.exploit-db.com/exploits/43211
https://www.exploit-db.com/exploits/43206
https://www.exploit-db.com/exploits/43205
https://www.exploit-db.com/exploits/43177
https://www.exploit-db.com/exploits/43158
https://www.exploit-db.com/exploits/43150
https://www.exploit-db.com/exploits/43149
https://www.exploit-db.com/exploits/43137
https://www.exploit-db.com/exploits/43136
https://www.exploit-db.com/exploits/43129
https://www.exploit-db.com/exploits/43123
https://www.exploit-db.com/exploits/43122
https://www.exploit-db.com/exploits/43114
https://www.exploit-db.com/exploits/43101
https://www.exploit-db.com/exploits/43100
https://www.exploit-db.com/exploits/43099
https://www.exploit-db.com/exploits/43098
https://www.exploit-db.com/exploits/43096
https://www.exploit-db.com/exploits/43095
https://www.exploit-db.com/exploits/43094
https://www.exploit-db.com/exploits/43091
https://www.exploit-db.com/exploits/43090
https://www.exploit-db.com/exploits/43089
https://www.exploit-db.com/exploits/43088
https://www.exploit-db.com/exploits/43087
https://www.exploit-db.com/exploits/43086
https://www.exploit-db.com/exploits/43085
https://www.exploit-db.com/exploits/43084
https://www.exploit-db.com/exploits/43083
https://www.exploit-db.com/exploits/43082
https://www.exploit-db.com/exploits/43081
https://www.exploit-db.com/exploits/43080
https://www.exploit-db.com/exploits/43079
https://www.exploit-db.com/exploits/43078
https://www.exploit-db.com/exploits/43077
https://www.exploit-db.com/exploits/43076
https://www.exploit-db.com/exploits/43075
https://www.exploit-db.com/exploits/43074
https://www.exploit-db.com/exploits/43073
https://www.exploit-db.com/exploits/43072
https://www.exploit-db.com/exploits/43071
https://www.exploit-db.com/exploits/43070
https://www.exploit-db.com/exploits/43068
https://www.exploit-db.com/exploits/43067
https://www.exploit-db.com/exploits/43066
https://www.exploit-db.com/exploits/43063
https://www.exploit-db.com/exploits/43062
https://www.exploit-db.com/exploits/43056
https://www.exploit-db.com/exploits/43054
https://www.exploit-db.com/exploits/43053
https://www.exploit-db.com/exploits/43028
https://www.exploit-db.com/exploits/43024
https://www.exploit-db.com/exploits/43023
https://www.exploit-db.com/exploits/42991
https://www.exploit-db.com/exploits/42987
https://www.exploit-db.com/exploits/42986
https://www.exploit-db.com/exploits/42959
https://www.exploit-db.com/exploits/42953
https://www.exploit-db.com/exploits/42950
https://www.exploit-db.com/exploits/42940
https://www.exploit-db.com/exploits/42939
https://www.exploit-db.com/exploits/42935
https://www.exploit-db.com/exploits/42924
https://www.exploit-db.com/exploits/42923
https://www.exploit-db.com/exploits/42922
https://www.exploit-db.com/exploits/42924
https://www.exploit-db.com/exploits/42923
https://www.exploit-db.com/exploits/42922
https://www.exploit-db.com/exploits/42805
https://www.exploit-db.com/exploits/42804
https://www.exploit-db.com/exploits/42802
https://www.exploit-db.com/exploits/42801
https://www.exploit-db.com/exploits/42800
https://www.exploit-db.com/exploits/42798
https://www.exploit-db.com/exploits/42794
https://www.exploit-db.com/exploits/42772
https://www.exploit-db.com/exploits/42761
https://www.exploit-db.com/exploits/42754
https://www.exploit-db.com/exploits/42745
https://www.exploit-db.com/exploits/42732
https://www.exploit-db.com/exploits/42660
https://www.exploit-db.com/exploits/42633
https://www.exploit-db.com/exploits/42618
https://www.exploit-db.com/exploits/42610
https://www.exploit-db.com/exploits/42608
https://www.exploit-db.com/exploits/42581
https://www.exploit-db.com/exploits/42547
https://www.exploit-db.com/exploits/42535
https://www.exploit-db.com/exploits/42520
https://www.exploit-db.com/exploits/42519
https://www.exploit-db.com/exploits/42517
https://www.exploit-db.com/exploits/42453
https://www.exploit-db.com/exploits/42434
https://www.exploit-db.com/exploits/42427
https://www.exploit-db.com/exploits/42408
https://www.exploit-db.com/exploits/42388
https://www.exploit-db.com/exploits/42358
https://www.exploit-db.com/exploits/42335
https://www.exploit-db.com/exploits/42314
https://www.exploit-db.com/exploits/42306
https://www.exploit-db.com/exploits/42291
https://www.exploit-db.com/exploits/42290
https://www.exploit-db.com/exploits/42269
https://www.exploit-db.com/exploits/42269
https://www.exploit-db.com/exploits/42269
https://www.exploit-db.com/exploits/42269
https://www.exploit-db.com/exploits/42193
https://www.exploit-db.com/exploits/42173
https://www.exploit-db.com/exploits/42172
https://www.exploit-db.com/exploits/42166
https://www.exploit-db.com/exploits/42143
https://www.exploit-db.com/exploits/42105
https://www.exploit-db.com/exploits/42067
https://www.exploit-db.com/exploits/42066
https://www.exploit-db.com/exploits/42064
https://www.exploit-db.com/exploits/42042
https://www.exploit-db.com/exploits/42033
https://www.exploit-db.com/exploits/42029
https://www.exploit-db.com/exploits/42028
https://www.exploit-db.com/exploits/41997
https://www.exploit-db.com/exploits/41953
https://www.exploit-db.com/exploits/41927
https://www.exploit-db.com/exploits/41926
https://www.exploit-db.com/exploits/41866
https://www.exploit-db.com/exploits/41865
https://www.exploit-db.com/exploits/41842
https://www.exploit-db.com/exploits/41840
https://www.exploit-db.com/exploits/41828
https://www.exploit-db.com/exploits/41802
https://www.exploit-db.com/exploits/41782
https://www.exploit-db.com/exploits/41747
https://www.exploit-db.com/exploits/41746
https://www.exploit-db.com/exploits/41577
https://www.exploit-db.com/exploits/41571
https://www.exploit-db.com/exploits/41502
https://www.exploit-db.com/exploits/41451
https://www.exploit-db.com/exploits/41438
https://www.exploit-db.com/exploits/41377
https://www.exploit-db.com/exploits/41360
https://www.exploit-db.com/exploits/38657
https://www.exploit-db.com/exploits/44272
https://www.exploit-db.com/exploits/43928
https://www.exploit-db.com/exploits/43916
https://www.exploit-db.com/exploits/43849
https://www.exploit-db.com/exploits/43591
https://www.exploit-db.com/exploits/43477
https://www.exploit-db.com/exploits/43447