247 matches found
e107 SQL Injection Vulnerability (CNVD-2017-10152)
e107 is an open source, free and PHP and MySQL based Content Management System CMS developed by e107 team. The system supports a variety of plug-in programs and appearance of the theme , can be used as a personal blog , discussion community , archive repository and so on. A SQL injection...
Juniper Networks NorthStar Controller Application Remote Elevation of Privilege Vulnerability (CNVD-2017-07238)
Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks, Inc. The controller optimizes service provider transport networks by establishing open industry standard protocols. A remote elevation of privilege vulnerability exists in Juniper Networks...
UBUNTU-CVE-2017-3590
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Python. Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to...
CVE-2017-2333
A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a persistent denial of service by visiting certain...
Symantec NetBackup Security Bypass Vulnerability
Symantec NetBackup is the United States Symantec Symantec company a set of data backup and recovery software suite designed for business users. A security vulnerability exists in the NetApp plug-in in versions prior to Symantec NetBackup 2.0.1 due to the program's use of non-unique server...
Burden TMA Cross-Site Scripting Vulnerability
Burden TMA is a full-featured PHP-based task management application that supports adding, editing, and deleting tasks, and distinguishes task importance levels by color. A cross-site scripting vulnerability exists in Burden TMA version 2.1.1, which stems from the program failing to adequately...
CVE-2016-2268
Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...