Skip to main content
CVE-2017-17982 MEDIUM POC This Month

PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Muslim Matrimonial Script
NVD GitHub
CVSS 3.0
6.8
EPSS
0.1%
CVE-2017-17995 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17994 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17993 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17991 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17989 MEDIUM POC This Month

Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Biometric Shift Employee Management System
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17981 MEDIUM POC This Month

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/slider_edit.php edit_id parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Muslim Matrimonial Script
NVD GitHub
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-17988 MEDIUM POC This Month

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_add.php event_title parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Muslim Matrimonial Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-17986 MEDIUM POC This Month

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste_view.php comm_id parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Muslim Matrimonial Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-17985 MEDIUM POC This Month

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/state_view.php cou_id parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Muslim Matrimonial Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-17984 MEDIUM POC This Month

PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_edit.php edit_id parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Muslim Matrimonial Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%
CVE-2017-12813 MEDIUM This Month

PHPJabbers File Sharing Script 1.0 has stored XSS in the comments section. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Phpjabbers File Sharing Script
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12812 MEDIUM This Month

PHPJabbers Night Club Booking Software has stored XSS in the name parameter in the reservations tab. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Phpjabbers Night Club Booking Software
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12811 MEDIUM This Month

PHPJabbers Star Rating Script 4.0 has stored XSS via a rating item. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Phpjabbers Star Rating Script
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-12810 MEDIUM This Month

PHPJabbers PHP Newsletter Script 4.2 has stored XSS in lists in the admin panel. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Phpjabbers Newsletter Script
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2016-10704 MEDIUM PATCH This Month

Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have XSS via e-mail templates that are mishandled during a preview, aka APPSEC-1503. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Adobe Magento
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2017-17975 MEDIUM This Month

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Linux Use After Free Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-17089 MEDIUM PATCH This Month

custom/run.cgi in Webmin before 1.870 allows remote authenticated administrators to conduct XSS attacks via the description field in the custom command functionality. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Webmin
NVD GitHub
CVSS 3.0
4.8
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy