Lucene search
925 matches found

OSV
added 2018/04/13 4:29 p.m. | 2 views

UBUNTU-CVE-2017-0372

Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities...

9.8 CVSS | 7.3 AI score | 0.11653 EPSS
Exploits 5 | References 3

OSV
added 2018/04/13 4:29 p.m. | 3 views

DEBIAN-CVE-2017-0372

Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities...

9.8 CVSS | 7.6 AI score | 0.11653 EPSS
Exploits 5 | References 1

CNVD
added 2017/12/18 12:0 a.m. | 4 views

AbiWord Parameter Injection Vulnerability

AbiWord is a free word processing program similar to Microsoft Word for a variety of word processing tasks. A security vulnerability exists in the af/util/xp/utgofile.cpp file in AbiWord version 3.0.2-2, which originates from the program not validating strings before starting the program. A remot...

8.8 CVSS | 7.1 AI score | 0.01221 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/18 12:0 a.m. | 3 views

Bernard Parisse Giac Parameter Injection Vulnerability

Bernard Parisse Giac is an open source computer algebra system written in C++ for Windows, Mac OS X, Unix and Linux. A security vulnerability exists in the Input.cc file in Bernard Parisse Giac version 1.2.3.57, which originates from the program failing to validate strings before starting the...

8.8 CVSS | 7.3 AI score | 0.01221 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/18 12:0 a.m. | 3 views

PasDoc Parameter Injection Vulnerability

PasDoc is a set of open source Pascal and Object Pascal source code documentation generation tools. A security vulnerability exists in the delphigui/WWWBrowserRunnerDM.pas file in PasDoc version 0.14, which originates from the program not validating strings before starting the program. A remote...

8.8 CVSS | 7.5 AI score | 0.01633 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/18 12:0 a.m. | 1 views

Geomview Parameter Injection Vulnerability

Geomview is an interactive 3D graphics viewing program for Unix-like systems. The program supports the use of the mouse to rotate, zoom in or out of graphics, and more. A security vulnerability exists in the common/help.c file in Geomview version 1.9.5, which originates from the program not...

8.8 CVSS | 7.3 AI score | 0.01495 EPSS
Exploits 1 | References 1

CNVD
added 2017/12/18 12:0 a.m. | 2 views

ScummVM Parameter Injection Vulnerability

ScummVM is a graphics engine for point-and-click adventure games. A security vulnerability exists in the backends/platform/sdl/posix/posix.cpp file in ScummVM version 1.9.0, which originates from a program that does not validate strings before starting the program. A remote attacker could exploit...

8.8 CVSS | 7.2 AI score | 0.01643 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/15 12:0 a.m. | 1 views

KildClient Parameter Injection Vulnerability

KildClient is a MUD client written in GTK+ Window Toolkit. A parameter injection vulnerability exists in KildClient 3.1.0. The vulnerability arises because KildClient does not validate strings before starting a program specified by the BROWSER environment variable. A remote attacker can exploit...

8.8 CVSS | 7.4 AI score | 0.01685 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/15 12:0 a.m. | 2 views

nip2 Parameter Injection Vulnerability

nip2 is a GUI for the VIPS image processing library. A parameter injection vulnerability exists in nip2 8.4.0. The vulnerability arises because boxes.c in nip2 does not validate strings before starting a program specified by the BROWSER environment variable. A remote attacker could exploit this...

8.8 CVSS | 7.4 AI score | 0.01685 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/15 12:0 a.m. | 3 views

Reddit Terminal Viewer (RTV) Parameter Injection Vulnerability

Reddit Terminal Viewer RTV is a simple terminal viewer for Reddit. A parameter injection vulnerability exists in Reddit Terminal Viewer RTV 1.19.0. The vulnerability arises because scripts/inspectwebbrowser.py in RTV does not validate strings before launching a program specified by the BROWSER...

8.8 CVSS | 7.3 AI score | 0.0122 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/15 12:0 a.m. | 2 views

FontForge uiutil.c file injection vulnerability

FontForge is an open source font editing tool that supports multiple languages. A security vulnerability exists in the uiutil.c file in FontForge 20170731 and earlier versions, which stems from the program failing to validate strings before starting the program. A remote attacker can exploit the...

8.8 CVSS | 7.3 AI score | 0.01834 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/15 12:0 a.m. | 3 views

SWI-Prolog library/www_browser.pl file injection vulnerability

SWI-Prolog is a fee-compliant compiler for the Prolog language. A security vulnerability exists in the library/www_browser.pl file in SWI-Prolog version 7.2.3, which stems from the program failing to validate strings before starting the program. A remote attacker can exploit the vulnerability to...

8.8 CVSS | 7.2 AI score | 0.0122 EPSS
Exploits 0 | References 1

CNVD
added 2017/12/15 12:0 a.m. | 2 views

Sylpheed libsylph/utils.c File Injection Vulnerability

Sylpheed is a lightweight email client using GTK+ Graphical Interface Creation Kit. A security vulnerability exists in the libsylph/utils.c file in Sylpheed 3.6 and earlier versions, which stems from the program failing to validate strings before starting the program. A remote attacker can exploi...

8.8 CVSS | 7.2 AI score | 0.01221 EPSS
Exploits 0 | References 1

UbuntuCve
added 2017/12/14 4:29 p.m. | 24 views

CVE-2017-17511

KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c...

8.8 CVSS | 7.2 AI score | 0.01685 EPSS
Exploits 0 | References 4

Prion
added 2017/12/13 9:29 a.m. | 16 views

SQL injection

FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php florig or fldest parameter...

7.5 CVSS | 9.9 AI score | 0.02978 EPSS
Exploits 1 | References 2 | Affected Software 1

CNVD
added 2017/12/13 12:0 a.m. | 2 views

sensible-utils sensible-browser injection vulnerability

sensible-utils is a toolkit for analyzing and launching appropriate browsers, editors and pagers. sensible-browser is one of the browser selection tools. A security vulnerability exists in sensible-browser in versions of sensible-utils prior to 0.0.11, which stems from an undetected string before...

8.8 CVSS | 7.2 AI score | 0.02217 EPSS
Exploits 1 | References 1

CNVD
added 2017/12/12 12:0 a.m. | 4 views

LilyPond lilypond-invoke-editor injection vulnerability

LilyPond is a set of open source audio editing software. lilypond-invoke-editor is one of the tools used to invoke the editor. A security vulnerability exists in lilypond-invoke-editor in LilyPond version 2.19.80, which stems from a failure to detect strings before starting the program. A remote...

8.8 CVSS | 7.2 AI score | 0.02109 EPSS
Exploits 0 | References 1

0day.today
added 2017/10/30 12:0 a.m. | 43 views

Vastal I-Tech Agent Zone - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Vastal I-Tech Agent Zone - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://vastal.com/ Software http://vastal.com/agent-zone-real-estate-script.html Demo: http://agentzone.vastal.com/demo/ Version: N/A Category:...

7.5 CVSS | 9.2 AI score | 0.02652 EPSS
Exploits 5

Exploit DB
added 2017/10/30 12:0 a.m. | 28 views

Basic B2B Script - SQL Injection

Exploit Title: Basic B2B Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/nC3F4570353/php-scripts/basic-b2b-script Demo: http://readymadeb2bscript.com/product/entrepreneur/ Version: N/A Category...

9.8 CVSS | 9.7 AI score | 0.02652 EPSS
Exploits 5

Exploit DB
added 2017/10/30 12:0 a.m. | 38 views

Job Board Script - 'nice_theme' SQL Injection

Exploit Title: Job Board Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.nicephpscripts.com/ Software http://www.nicephpscripts.com/jobboardscript.htm Demo: http://www.nicephpscripts.com/scripts/faqscript/ Version: N/A Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

9.8 CVSS | 9.7 AI score | 0.02148 EPSS
Exploits 3