2 matches found
CVE-2017-17713
Summary: CVE-2017-17713 and CVE-2017-17714 pertain to Trape, an open-source internet tracking/identification tool, with concrete issues reported in connected documents. For CVE-2017-17713, Trape prior to 2017-11-05 is vulnerable to SQL injection via multiple parameters and headers, including /nr ...
CVE-2017-17714
CVE-2017-17714 affects Trape prior to 2017-11-05, where an XSS vulnerability exists via multiple input vectors. The issue arises from unsanitized user-controlled input across a long list of parameters and headers, including /nr red, /nr vId, /register (country, countryCode, cpu, isp, lat, lon, or...