Latest CVE Feed
-
6.1
MEDIUMCVE-2017-2164
Cross-site scripting vulnerability in SOY CMS with installer 1.8.12 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : soy_cms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-2163
Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 allows authenticated attackers to read arbitrary files via shop_id.... Read more
Affected Products : soy_cms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
7.3
HIGHCVE-2017-2157
Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for... Read more
- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2017-2122
Cross-site scripting vulnerability in Nessus versions 6.8.0, 6.8.1, 6.9.0, 6.9.1 and 6.9.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : nessus- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4887
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4886
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4885
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4884
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2016-4883
Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4882
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4881
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2016-4880
Cross-site scripting vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4879
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4878
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
5.4
MEDIUMCVE-2016-4877
Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-4876
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspecified vectors.... Read more
Affected Products : basercms- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-4864
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy.... Read more
Affected Products : h2o- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-4859
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.3, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0... Read more
Affected Products : splunk- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
4.8
MEDIUMCVE-2016-4858
Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterpr... Read more
Affected Products : splunk- Published: May. 12, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-4857
Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing att... Read more
Affected Products : splunk- Published: May. 12, 2017
- Modified: Apr. 20, 2025