Skip to main content
CVE-2017-15667 HIGH POC THREAT Act Now

In Flexense SysGauge Server 3.6.18, the Control Protocol suffers from a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Denial Of Service Sysgauge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
12.4%
CVE-2017-17942 HIGH POC This Week

In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libtiff
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2017-17950 HIGH POC This Week

Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Blog
NVD GitHub
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-17960 HIGH POC This Week

PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Php Multivendor Ecommerce
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17939 HIGH POC This Week

PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Single Theater Booking Script
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17936 HIGH POC This Week

Vanguard Marketplace Digital Products PHP has CSRF via /search. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Marketplace Digital Products Php
NVD GitHub
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17952 HIGH POC This Week

PHP Scripts Mall PHP Multivendor Ecommerce has a predicable registration URL, which makes it easier for remote attackers to register with an invalid or spoofed e-mail address. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Php Multivendor Ecommerce
NVD GitHub
CVSS 3.0
8.6
EPSS
0.2%
CVE-2017-17941 HIGH POC This Week

PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Single Theater Booking Script
NVD GitHub
CVSS 3.0
7.2
EPSS
0.2%
CVE-2015-3637 HIGH This Week

SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows remote attackers to execute arbitrary SQL commands via the username and password parameters. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SQLi Phpmybackuppro
NVD
CVSS 3.0
8.1
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy