Lucene search
K

67 matches found

CVE
CVE
added 2017/11/17 3:0 a.m.61 views

CVE-2017-1000228

CVE-2017-1000228 affects nodejs ejs: any versions older than 2.5.3 are vulnerable to remote code execution due to weak input validation in ejs.renderFile(). Explanation: this is a concrete vulnerability with multiple coordinated disclosures (NVD entry and corroborating reports in GHSA, Debian, CN...

10CVSS9.7AI score0.06328EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2017/11/17 3:0 a.m.32 views

CVE-2017-1000189

nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile...

7.5CVSS7.4AI score0.02267EPSS
Exploits0
CNVD
CNVD
added 2017/11/17 12:0 a.m.4 views

nodejs ejs remote code execution vulnerability

nodejs ejs is an embedded JavaScript template with flow control, customizable delimiters and escaped output. A remote code execution vulnerability exists in the 'ejs.renderFile' function in versions of nodejs ejs prior to 2.5.3, which stems from weak input validation. A remote attacker could...

10CVSS8.2AI score0.06328EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/27 12:0 a.m.4 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2017-05372)

CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS...

5.4CVSS7AI score0.00607EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2016/09/07 12:0 a.m.48 views

FreePBX 13.0.x Code Execution

Vulnerable software : Freepbx Tested versions : 13.0.x $this-commandline = $commandline; $this-cwd = $cwd; Line 275 $commandline = $this-commandline; if '\' === DIRECTORYSEPARATOR && $this-enhanceWindowsCompatibility $commandline = 'cmd /V:ON /E:ON /C "'.$commandline.''; foreach...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/09/07 12:0 a.m.27 views

FreePBX 13.0.x 13.0.154 - Remote Command Execution

FreePBX 13.0.x 13.0.154 - Remote Command Execution Vulnerable software : Freepbx Tested versions : 13.0.x $this-commandline = $commandline; $this-cwd = $cwd; Line 275 $commandline = $this-commandline; if '\' === DIRECTORYSEPARATOR && $this-enhanceWindowsCompatibility $commandline = 'cmd /V:ON...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2003/09/24 12:0 a.m.14 views

TCLhttpd 3.4.2 - Directory Listing Disclosure

TCLhttpd 3.4.2 - Directory Listing Disclosure source: https://www.securityfocus.com/bid/8687/info It has been reported that a vulnerability present in TCLHttpd allows for attackers to view the contents of arbitrary directories on affected web servers. According to the report, the input validation...

7.4AI score
Exploits0
Rows per page
Query Builder