Easy Security Vulnerabilities
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro...
7.8CVSS
8AI Score
0.001EPSS
The Easy Appointments plugin before 1.12.0 for WordPress has XSS via a Settings values in the admin...
6.1CVSS
5.9AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a master_response action to...
6.1CVSS
6.1AI Score
0.001EPSS
Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web root with an easily guessable...
7.5CVSS
7.5AI Score
0.006EPSS
SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to...
8.8CVSS
9AI Score
0.001EPSS
There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary...
9.8CVSS
9.8AI Score
0.068EPSS
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary passwords via a crafted POST request to...
7.5CVSS
7.4AI Score
0.018EPSS
Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner,...
7.8CVSS
8.1AI Score
0.001EPSS
XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or...
6.1CVSS
5.9AI Score
0.001EPSS
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root...
7.5CVSS
7.5AI Score
0.021EPSS
An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Critical vulnerabilities may allow a local attacker to elevate privileges within the DeltaV control...
6.8CVSS
6.5AI Score
0.0004EPSS
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown...
7.9AI Score
0.092EPSS
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote authenticated users to execute arbitrary code via...
7.5AI Score
0.011EPSS
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the...
6.6AI Score
0.006EPSS
Cross-site scripting (XSS) vulnerability in Easy File Sharing Web Server 6.8 allows remote attackers to inject arbitrary web script or HTML via the username field during registration, which is not properly handled by...
5.9AI Score
0.002EPSS
The Easy Tips For Glowing Skin (aka com.n.easytipsforglowingskin) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6AI Score
0.0005EPSS
Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block...
5.4AI Score
0.001EPSS
The Easy Video Downloader (aka com.simon.padillar.EasyVideo) application 4.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6AI Score
0.0005EPSS
Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options action to...
6AI Score
0.002EPSS
The Easy Finder & Anti-Theft (aka com.nqmobile.easyfinder) application 2.0.10.08 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6AI Score
0.0005EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Easy File Sharing (EFS) Web Server 6.8 allow remote authenticated users to inject arbitrary web script or HTML via the content parameter when (1) creating a topic or (2) posting an answer. NOTE: some of these details are obtained from third...
5.5AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref...
6AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in the Easy Breadcrumb module 7.x-2.x before 7.x-2.10 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.9AI Score
0.002EPSS
Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) to the default...
6.6AI Score
0.01EPSS
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0....
7.9AI Score
0.242EPSS
SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat...
8.7AI Score
0.001EPSS
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and...
6.8AI Score
0.933EPSS
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) siteurl and (2) urlbanner...
6AI Score
0.007EPSS
Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password...
9AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy Shopping Cart 3.1R allows remote attackers to inject arbitrary web script or HTML via the name...
5.9AI Score
0.002EPSS
Directory traversal vulnerability in thumbnail.ghp in Easy File Sharing (EFS) Web Server 4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the vfolder...
6.8AI Score
0.009EPSS
Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted...
7.8AI Score
0.065EPSS
XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (crash) by uploading or creating a large number of files or directories, then performing a LIST...
6.3AI Score
0.005EPSS
Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (daemon outage) via an APPE command to one socket in conjunction with a DELE command to a second...
6.3AI Score
0.004EPSS
Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote attackers to cause a denial of service via a long argument to the (1) LIST and (2) NLST commands, a differnt issue than CVE-2008-5626 and...
6.4AI Score
0.959EPSS
Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav...
8AI Score
0.041EPSS
Cross-site scripting (XSS) vulnerability in NashTech Easy PHP Calendar 6.3.25 allows remote attackers to inject arbitrary web script or HTML via the Details field (descr parameter) in an Add New Event action in an unspecified request as generated by an add action in...
6AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in ScriptsEz Easy Image Downloader allow remote attackers to inject arbitrary web script or HTML via the id parameter in a detail action to (1) main.php and possibly (2)...
6AI Score
0.005EPSS
Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fiche...
7.3AI Score
0.011EPSS
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx...
8AI Score
0.14EPSS
Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of service (daemon outage or CPU consumption) via multiple long SMTP commands, as demonstrated by HELO...
6.9AI Score
0.041EPSS
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls)...
8.1AI Score
0.069EPSS
Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for...
6.5AI Score
0.003EPSS
Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download...
6.8AI Score
0.012EPSS
Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by.....
7.6AI Score
0.816EPSS
XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1...
6AI Score
0.959EPSS
SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path...
8.4AI Score
0.001EPSS
Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the section parameter to the default...
7.1AI Score
0.012EPSS
Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname...
7AI Score
0.016EPSS
The Advanced User Interface Pages in the ProST Web Management component on the Airspan WiMAX ProST have a certain default User ID and password, which makes it easier for remote attackers to obtain partial administrative access, a different vulnerability than...
6.2AI Score
0.129EPSS