82 matches found
EUVD-2026-4017
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in woofer696 Dinatur dinatur allows Stored XSS.This issue affects Dinatur: from n/a through = 1.18...
EUVD-2020-4017
Malware in sbrugna...
CVE-2025-4017
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper...
CVE-2025-4017
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper...
CVE-2025-4017
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper...
CVE-2025-4017
creationtimestamp| type| source ---|---|--- 2025-04-28 11:10:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13672 2025-04-28 13:40:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnuvda5ivx2t 2025-04-28 15:44:09+00:00| seen|...
CVE-2025-4017 20120630 Novel-Plus LogController.java list improper authorization
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper...
CVE-2025-4017 20120630 Novel-Plus LogController.java list improper authorization
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper...
CVE-2021-4017
showdoc is vulnerable to Cross-Site Request Forgery CSRF...
WordPress Goya Theme <= 1.0.8.7 is vulnerable to Cross Site Scripting (XSS)
Software Goya Type Theme Vulnerable versions = 1.0.8.7 Fixed in 1.0.8.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4017 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0283a037aa0b Credits RE-ALTER Required privileg...
CVE-2023-4017 Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple Parameters
The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...
CVE-2024-4017
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit filesystem modules allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3...
CVE-2024-4017
BeyondTrust U-Series Appliance (Windows, 64-bit filesystem modules) is affected by CVE-2024-4017 due to improper privilege management allowing DLL side-loading. Affected versions are 3.4 through prior to 4.0.3; remediation is to upgrade to version 4.0.3 or later. Some sources confirm the vulnerab...
CVE-2024-4017 Privilege Escalation in U-Series Appliance
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit filesystem modules allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3...
CVE-2024-4017 Privilege Escalation in U-Series Appliance
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit filesystem modules allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3...
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:4017-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-4017
Rejected reason: This candidate is unused by its CNA...
CVE-2022-4017
The CVE-2022-4017 entries cover multiple Booster for WooCommerce plugins (Booster, Booster Plus, Booster Elite) for WordPress, with versions prior to 6.0.1 vulnerable due to flawed or missing CSRF checks in numerous places. This CSRF weakness could permit logged-in users to perform unintended act...
CVE-2022-4017 Booster for WooCommerce - Multiple CSRF
The Booster for WooCommerce WordPress plugin before 6.0.1, Booster Plus for WooCommerce WordPress plugin before 6.0.1, Booster Elite for WooCommerce WordPress plugin before 6.0.1 have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in...
WordPress Booster for WooCommerce Plugin < 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Booster for WooCommerce Type Plugin Vulnerable versions 6.0.1 Fixed in 6.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4017 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID de8fb5129362 Credits WPScan Require...