Design/Logic Flaw
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers...
CVE-2017-17126
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers...
DEBIAN-CVE-2017-17126
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers...
CVE-2017-17126
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers...
Code injection
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page...
CVE-2017-15673
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a custom page...
PT-2017-4320 · Gnu +1 · Gnu Binutils +1
Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29.1. Description: The issue is related to an integer overflow in the dump_relocs_in_section function of the objdump.c component. This allows a remote attacker to cause a denial of service, potentially leading to excessi...
CSC Cart 4.6.2 Shell Upload Vulnerability
Exploit for php platform in category web applications Summary CSC Cart is a PHP based shopping cart software, which is hosted either locally or by the company csc-cart company. It has a vulnerability in the administration section, which allows full remote code execution on the server. This has be...
club-elen.de XSS vulnerability
Open Bug Bounty ID: OBB-432449. Affected Website: club-elen.de. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
yeshiva.co XSS vulnerability
Open Bug Bounty ID: OBB-411432. Affected Website: yeshiva.co. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
radare buffer overflow vulnerability (CNVD-2017-34472)
radare is a set of libraries and tools for working with binary files. A memory corruption vulnerability in the 'store_versioninfo_gnu_verdef' function and 'store_versioninfo_gnu_verneed' function in the libr/bin/format/elf/elf.c file in radare 2.0.1 originates when the program allocates memory...
PHPMyFAQ 2.9.8 - Cross-Site Scripting (3)
Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vulnerability Date: 28-9-2017 Exploit Author: Nikhil Mittal Payatu Labs Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Version: 2.9.8 Tested on: MAC OS CVE : 2017-15727 1. Description In phpMyFAQ befo...
Cross site request forgery (csrf)
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php...
alyasabr.com XSS vulnerability
Open Bug Bounty ID: OBB-347712. Affected Website: alyasabr.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
UBUNTU-CVE-2017-15587
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11...
PT-2017-14115 · Artifex · Mupdf
Name of the Vulnerable Software and Affected Versions: Artifex MuPDF version 1.11. Description: An integer overflow was discovered in the pdf_read_new_xref_section function in pdf/pdf-xref.c. This issue affects the processing of PDF files. Recommendations: For Artifex MuPDF version 1.11, consider...
alianzainm.com XSS vulnerability
Vulnerable URL: http://www.alianzainm.com/si/index.php?seccion=Buscadorr"'--!...
Cross site scripting
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the...
CVE-2017-15374
Shopware v5.2.5 - v5.3 is vulnerable to cross site scripting in the customer and order section of the content management system backend modules. Remote attackers are able to inject malicious script code into the firstname, lastname, or order input fields to provoke persistent execution in the...
KLA11852 Security UI vulnerability in Microsoft Products (ESU)
A spoofing vulnerability was found in Microsoft Products Extended Support Update. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2017-13080 Related products Microsoft-Windows Microsoft-Windows-Server Microsoft-Windows-Server-2012 Microsoft-Windows-...