Search Results
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-17427 | Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations. Published: December 13, 2017; 11:29:00 AM -0500 | V4.0: (not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17382 | Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. Published: December 13, 2017; 11:29:00 AM -0500 | V4.0: (not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-14590 | Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. An attacker who has permission to create a repository in Bamboo, edit an existing plan that has a non-linked Mercurial repository, create or edit a plan when there is at least one linked Mercurial repository that the attacker has permission to use, or commit to a Mercurial repository used by a Bamboo plan which has branch detection enabled can execute code of their choice on systems that run a vulnerable version of Bamboo Server. Versions of Bamboo starting with 2.7.0 before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability. Published: December 13, 2017; 10:29:00 AM -0500 | V4.0: (not available) V3.0: 9.1 CRITICAL V2.0: 9.0 HIGH |
CVE-2017-14589 | It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their choice on systems that run a vulnerable version of Bamboo. All versions of Bamboo before 6.1.6 (the fixed version for 6.1.x) and from 6.2.0 before 6.2.5 (the fixed version for 6.2.x) are affected by this vulnerability. Published: December 13, 2017; 10:29:00 AM -0500 | V4.0: (not available) V3.0: 9.6 CRITICAL V2.0: 6.8 MEDIUM |
CVE-2017-17642 | Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job. Published: December 13, 2017; 4:29:03 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17641 | Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter. Published: December 13, 2017; 4:29:03 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17640 | Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. Published: December 13, 2017; 4:29:03 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17639 | Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter. Published: December 13, 2017; 4:29:03 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17638 | Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter. Published: December 13, 2017; 4:29:03 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17637 | Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17636 | MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17635 | MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17634 | Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17633 | Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17632 | Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17631 | Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17630 | Yoga Class Script 1.0 has SQL Injection via the /list city parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17629 | Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17628 | Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-17627 | Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter. Published: December 13, 2017; 4:29:02 AM -0500 | V4.0: (not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |