Skip to main content
CVE-2017-15727 MEDIUM POC PATCH This Month

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Phpmyfaq
NVD GitHub Exploit-DB
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-12317 MEDIUM This Month

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Cisco Advanced Malware Protection
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-15736 MEDIUM This Month

Cross-site scripting (XSS) vulnerability (stored) in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Spip
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-15722 MEDIUM PATCH This Month

In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi Debian Linux
NVD
CVSS 3.0
5.9
EPSS
0.7%
CVE-2017-15728 MEDIUM This Month

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Phpmyfaq
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy