CVEs from 2017
Total
11,713
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12898 | critical | 9.8 | 9.8 | 9y ago | The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). | |||
| CVE-2017-12897 | critical | 9.8 | 9.8 | 9y ago | The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). | |||
| CVE-2017-12896 | critical | 9.8 | 9.8 | 9y ago | The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). | |||
| CVE-2017-12895 | critical | 9.8 | 9.8 | 9y ago | The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). | |||
| CVE-2017-12894 | critical | 9.8 | 9.8 | 9y ago | Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). | |||
| CVE-2017-12893 | critical | 9.8 | 9.8 | 9y ago | The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). | |||
| CVE-2017-14429 | critical | 9.8 | 9.8 | 9y ago | The DHCP client on D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices allows unauthenticated remote code execution as root beca… | |||
| CVE-2017-14421 | critical | 9.8 | 9.8 | 9y ago | D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of wrgac25_dlink.2013gui_dir850l for the Alphanetworks account upon device reset, which allows remote attac… | |||
| CVE-2017-14417 | critical | 9.8 | 9.8 | 9y ago | register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not require authentication, which can result in unintended enrollment in mydlink Cloud Services. | |||
| CVE-2017-11462 | critical | 9.8 | 9.8 | 9y ago | Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error. | |||
| CVE-2017-11351 | critical | 9.8 | 9.8 | 9y ago | Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account. | |||
| CVE-2017-14403 | critical | 9.8 | 9.8 | 9y ago | The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php. | |||
| CVE-2017-14402 | critical | 9.8 | 9.8 | 9y ago | The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input v… | |||
| CVE-2017-14401 | critical | 9.8 | 9.8 | 9y ago | The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section. | |||
| CVE-2017-8686 | critical | 9.8 | 9.8 | 9y ago | The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failover server or cause the DHCP service to be… | |||
| CVE-2017-14397 | critical | 9.8 | 9.8 | 9y ago | AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability. | |||
| CVE-2017-14396 | critical | 9.8 | 9.8 | 9y ago | In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. | |||
| CVE-2017-8015 | critical | 9.8 | 9.8 | 9y ago | EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. | |||
| CVE-2017-14346 | critical | 9.8 | 9.8 | 9y ago | upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file. | |||
| CVE-2017-14345 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in tianchoy/blog through 2017-09-12 via the id parameter to view.php. | |||
| CVE-2017-7649 | critical | 9.8 | 9.8 | 9y ago | The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is le… | |||
| CVE-2017-14269 | critical | 9.8 | 9.8 | 9y ago | EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content. | |||
| CVE-2017-14265 | critical | 9.8 | 9.8 | 9y ago | A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack. | |||
| CVE-2017-14252 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php. | |||
| CVE-2017-14247 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060. | |||
| CVE-2017-14242 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL injection vulnerability in don/list.php | |||
| CVE-2017-14238 | critical | 9.8 | 9.8 | 9y ago | Dolibarr SQL injection vulnerability in admin/menus/edit.php | |||
| CVE-2017-12733 | critical | 9.8 | 9.8 | 9y ago | A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the fol… | |||
| CVE-2017-12731 | critical | 9.8 | 9.8 | 9y ago | A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older… | |||
| CVE-2017-11161 | critical | 9.8 | 9.8 | 9y ago | Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php;… | |||
| CVE-2017-9834 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action… | |||
| CVE-2017-14147 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link ht… | |||
| CVE-2017-9458 | critical | 9.8 | 9.8 | 9y ago | XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x be… | |||
| CVE-2017-13771 | critical | 9.8 | 9.8 | 9y ago | Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via… | |||
| CVE-2017-14145 | critical | 9.8 | 9.8 | 9y ago | HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function. | |||
| CVE-2017-14138 | critical | 9.8 | 9.8 | 9y ago | ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. | |||
| CVE-2017-14135 | critical | 9.8 | 9.8 | 9y ago | enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the com… | |||
| CVE-2017-14127 | critical | 9.8 | 9.8 | 9y ago | Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingA… | |||
| CVE-2017-14100 | critical | 9.8 | 9.8 | 9y ago | In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. Th… | |||
| CVE-2017-12873 | critical | 9.8 | 9.8 | 9y ago | SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID genera… | |||
| CVE-2017-3897 | critical | 9.8 | 9.8 | 9y ago | A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 all… | |||
| CVE-2017-12868 | critical | 9.8 | 9.8 | 9y ago | The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypas… | |||
| CVE-2017-14076 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id parameter to linksmanage.php in an editlink action. | |||
| CVE-2017-14069 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the usernw array parameter to nowarn.php. | |||
| CVE-2017-14064 | critical | 9.8 | 9.8 | 9y ago | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which … | |||
| CVE-2017-14062 | critical | 9.8 | 9.8 | 9y ago | Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||
| CVE-2017-14061 | critical | 9.8 | 9.8 | 9y ago | Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||
| CVE-2017-14035 | critical | 9.8 | 9.8 | 9y ago | CrushFTP 8.x before 8.2.0 has a serialization vulnerability. | |||
| CVE-2017-12708 | critical | 9.8 | 9.8 | 9y ago | An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabil… | |||
| CVE-2017-12706 | critical | 9.8 | 9.8 | 9y ago | A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validat… | |||
| CVE-2017-12698 | critical | 9.8 | 9.8 | 9y ago | An Improper Authentication issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Specially crafted requests allow a possible authentication bypass that could allow remote code … | |||
| CVE-2017-12865 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string pass… | |||
| CVE-2017-1376 | critical | 9.8 | 9.8 | 9y ago | A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873. | |||
| CVE-2017-13715 | critical | 9.8 | 9.8 | 9y ago | The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a… | |||
| CVE-2017-10842 | critical | 9.8 | 9.8 | 9y ago | baserCMS SQL Injection vulnerability | |||
| CVE-2017-10832 | critical | 9.8 | 9.8 | 9y ago | "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | |||
| CVE-2017-0899 | critical | 9.8 | 9.8 | 9y ago | RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape seque… | |||
| CVE-2017-8380 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors. | |||
| CVE-2017-13707 | critical | 9.8 | 9.8 | 9y ago | Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in or… | |||
| CVE-2017-12816 | critical | 9.8 | 9.8 | 9y ago | In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the p… | |||
| CVE-2017-12707 | critical | 9.8 | 9.8 | 9y ago | A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow. | |||
| CVE-2017-13669 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php. | |||
| CVE-2017-12679 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php. | |||
| CVE-2017-12965 | critical | 9.8 | 9.8 | 9y ago | Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web sessions via the PHPSESSID parameter. | |||
| CVE-2017-13137 | critical | 9.8 | 9.8 | 9y ago | The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php. | |||
| CVE-2017-12858 | critical | 9.8 | 9.8 | 9y ago | Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to have unspecified impact via unknown vectors. | |||
| CVE-2017-12791 | critical | 9.8 | 9.8 | 9y ago | Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.11.7 and 2017.7.x before 2017.7.1 allows remote minions with incorrect credentials to authenticate to a master … | |||
| CVE-2017-11610 | high | 8.8 | 9.8 | 9y ago | The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC req… | |||
| CVE-2017-13139 | critical | 9.8 | 9.8 | 9y ago | In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk. | |||
| CVE-2017-12787 | critical | 9.8 | 9.8 | 9y ago | A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an… | |||
| CVE-2017-12786 | critical | 9.8 | 9.8 | 9y ago | Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an op… | |||
| CVE-2017-12785 | critical | 9.8 | 9.8 | 9y ago | The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. Th… | |||
| CVE-2017-7420 | critical | 9.8 | 9.8 | 9y ago | An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Ho… | |||
| CVE-2017-12981 | critical | 9.8 | 9.8 | 9y ago | NexusPHP 1.5.beta5.20120707 has SQL Injection in forummanage.php via the sort parameter in an addforum action. | |||
| CVE-2017-11366 | critical | 9.8 | 9.8 | 9y ago | Codiad Vulnerable to Shell Command Injection | |||
| CVE-2017-7364 | critical | 9.8 | 9.8 | 9y ago | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (whi… | |||
| CVE-2017-12776 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in reports.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the delreport parameter. | |||
| CVE-2017-12582 | critical | 9.8 | 9.8 | 9y ago | Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that u… | |||
| CVE-2017-12943 | critical | 9.8 | 9.8 | 9y ago | D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the … | |||
| CVE-2017-7278 | critical | 9.8 | 9.8 | 9y ago | Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors. | |||
| CVE-2017-12942 | critical | 9.8 | 9.8 | 9y ago | libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | |||
| CVE-2017-12941 | critical | 9.8 | 9.8 | 9y ago | libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | |||
| CVE-2017-12940 | critical | 9.8 | 9.8 | 9y ago | libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | |||
| CVE-2017-12939 | critical | 9.8 | 9.8 | 9y ago | A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before… | |||
| CVE-2017-12933 | critical | 9.8 | 9.8 | 9y ago | The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data… | |||
| CVE-2017-12932 | critical | 9.8 | 9.8 | 9y ago | ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for … | |||
| CVE-2017-12910 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter. | |||
| CVE-2017-12909 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | |||
| CVE-2017-12908 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter. | |||
| CVE-2017-7555 | critical | 9.8 | 9.8 | 9y ago | Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the applicatio… | |||
| CVE-2017-7551 | critical | 9.8 | 9.8 | 9y ago | 389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts. | |||
| CVE-2017-7546 | critical | 9.8 | 9.8 | 9y ago | PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password. | |||
| CVE-2017-8248 | critical | 9.8 | 9.8 | 9y ago | A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation. | |||
| CVE-2017-9653 | critical | 9.8 | 9.8 | 9y ago | An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA bef… | |||
| CVE-2017-9800 | critical | 9.8 | 9.8 | 9y ago | A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be ge… | |||
| CVE-2017-3124 | critical | 9.8 | 9.8 | 9y ago | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exch… | |||
| CVE-2017-3108 | critical | 9.8 | 9.8 | 9y ago | Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability. | |||
| CVE-2017-11274 | critical | 9.8 | 9.8 | 9y ago | Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | |||
| CVE-2017-8658 | critical | 9.8 | 9.8 | 9y ago | ChakraCore RCE Vulnerability | |||
| CVE-2017-12774 | critical | 9.8 | 9.8 | 9y ago | finecms in 1.9.5\controllers\member\ContentController.php allows remote attackers to operate website database |