CVEs from 2017
Total
11,713
critical
critical 1,647
high
high 5,041
medium
medium 4,168
low
low 159
% Critical
14.1%
% with KEV
0.7%
% with exploit
1.8%
Top vendors
Top products
- imagemagick 1,426
- joomla\! 932
- kanboard 848
- ntp 762
- tomcat 676
- mahara 572
- postgresql 492
- asterisk 435
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12762 | critical | 9.8 | 9.8 | 9y ago | In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux … | |||
| CVE-2017-3632 | critical | 9.8 | 9.8 | 9y ago | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: CDE Calendar). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows u… | |||
| CVE-2017-11153 | critical | 9.8 | 9.8 | 9y ago | Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized p… | |||
| CVE-2017-11151 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action. | |||
| CVE-2017-9939 | critical | 9.8 | 9.8 | 9y ago | A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication m… | |||
| CVE-2017-6869 | critical | 9.8 | 9.8 | 9y ago | A vulnerability was discovered in Siemens ViewPort for Web Office Portal before revision number 1453 that could allow an unauthenticated remote user to upload arbitrary code and execute it with the p… | |||
| CVE-2017-12650 | critical | 9.8 | 9.8 | 9y ago | SQL Injection exists in the Loginizer plugin before 1.3.6 for WordPress via the X-Forwarded-For HTTP header. | |||
| CVE-2017-12567 | critical | 9.8 | 9.8 | 9y ago | SQL injection exists in Quest KACE Asset Management Appliance 6.4.120822 through 7.2, Systems Management Appliance 6.4.120822 through 7.2.101, and K1000 as a Service 7.0 through 7.2. | |||
| CVE-2017-9632 | critical | 9.8 | 9.8 | 9y ago | A Missing Encryption of Sensitive Data issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, Laser… | |||
| CVE-2017-6747 | critical | 9.8 | 9.8 | 9y ago | A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to bypass local authentication. The vulnerability is due to improp… | |||
| CVE-2017-12588 | critical | 9.8 | 9.8 | 9y ago | The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | |||
| CVE-2017-9861 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, an… | |||
| CVE-2017-9860 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an… | |||
| CVE-2017-9859 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in SMA Solar Technology products. The inverters make use of a weak hashing algorithm to encrypt the password for REGISTER requests. This hashing algorithm can be cracked relat… | |||
| CVE-2017-9855 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in SMA Solar Technology products. A secondary authentication system is available for Installers called the Grid Guard system. This system uses predictable codes, and a single … | |||
| CVE-2017-9854 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in SMA Solar Technology products. By sniffing for specific packets on the localhost, plaintext passwords can be obtained as they are typed into Sunny Explorer by the user. The… | |||
| CVE-2017-9853 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in SMA Solar Technology products. All inverters have a very weak password policy for the user and installer password. No complexity requirements or length requirements are set… | |||
| CVE-2017-9852 | critical | 9.8 | 9.8 | 9y ago | An Incorrect Password Management issue was discovered in SMA Solar Technology products. Default passwords exist that are rarely changed. User passwords will almost always be default. Installer passwo… | |||
| CVE-2017-12562 | critical | 9.8 | 9.8 | 9y ago | Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unsp… | |||
| CVE-2017-10818 | critical | 9.8 | 9.8 | 9y ago | MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service. | |||
| CVE-2017-10817 | critical | 9.8 | 9.8 | 9y ago | MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to bypass authentication to alter settings in Relay Service Server. | |||
| CVE-2017-10816 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to execute arbitrary SQL commands via Relay Service Server. | |||
| CVE-2017-12424 | critical | 9.8 | 9.8 | 9y ago | In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other me… | |||
| CVE-2017-12414 | critical | 9.8 | 9.8 | 9y ago | Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used for msimg32.dll, WindowsCodecs.dll, and dwmapi.dll. | |||
| CVE-2017-11393 | critical | 9.8 | 9.8 | 9y ago | Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by par… | |||
| CVE-2017-11392 | high | 8.8 | 9.8 | 9y ago | Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw… | |||
| CVE-2017-11391 | high | 8.8 | 9.8 | 9y ago | Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw… | |||
| CVE-2017-7442 | high | 8.8 | 9.8 | 9y ago | Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences. | |||
| CVE-2017-11721 | critical | 9.8 | 9.8 | 9y ago | Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. | |||
| CVE-2017-11105 | critical | 9.8 | 9.8 | 9y ago | The OnePlus 2 Primary Bootloader (PBL) does not validate the SBL1 partition before executing it, although it contains a certificate. This allows attackers with write access to that partition to disab… | |||
| CVE-2017-11389 | critical | 9.8 | 9.8 | 9y ago | Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684. | |||
| CVE-2017-11386 | critical | 9.8 | 9.8 | 9y ago | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZD… | |||
| CVE-2017-11385 | critical | 9.8 | 9.8 | 9y ago | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN… | |||
| CVE-2017-11384 | critical | 9.8 | 9.8 | 9y ago | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Formerly ZDI-CAN… | |||
| CVE-2017-11383 | critical | 9.8 | 9.8 | 9y ago | SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Formerly ZDI-CAN… | |||
| CVE-2017-8390 | critical | 9.8 | 9.8 | 9y ago | The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via a crafted domain name. | |||
| CVE-2017-11494 | critical | 9.8 | 9.8 | 9y ago | SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a login action. | |||
| CVE-2017-12199 | critical | 9.8 | 9.8 | 9y ago | The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, ima… | |||
| CVE-2017-4923 | critical | 9.8 | 9.8 | 9y ago | VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-ba… | |||
| CVE-2017-11381 | critical | 9.8 | 9.8 | 9y ago | A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console. | |||
| CVE-2017-11380 | critical | 9.8 | 9.8 | 9y ago | Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Di… | |||
| CVE-2017-11129 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is locked with a hard-coded password. Therefore, everyone with access to the keystore can read the content o… | |||
| CVE-2017-12065 | critical | 9.8 | 9.8 | 9y ago | spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter. | |||
| CVE-2017-11757 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client … | |||
| CVE-2017-11743 | critical | 9.8 | 9.8 | 9y ago | MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer Mirth Connect management access. An attacker with knowledge of the hard-coded credential and the ability … | |||
| CVE-2017-9521 | critical | 9.8 | 9.8 | 9y ago | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmw… | |||
| CVE-2017-9483 | critical | 9.8 | 9.8 | 9y ago | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows Network Processor (NP) Linux users to obtain root access to the Application Processo… | |||
| CVE-2017-9482 | critical | 9.8 | 9.8 | 9y ago | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain root access to the Network Processor (NP) Linux system by… | |||
| CVE-2017-9479 | critical | 9.8 | 9.8 | 9y ago | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network a… | |||
| CVE-2017-11720 | critical | 9.8 | 9.8 | 9y ago | There is a division-by-zero vulnerability in LAME 3.99.5, caused by a malformed input file. | |||
| CVE-2017-11715 | critical | 9.8 | 9.8 | 9y ago | job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related extensions, which might allow remote authenticated admins to execute arbitrary PHP code by uploading a .pht… | |||
| CVE-2017-11645 | critical | 9.8 | 9.8 | 9y ago | NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html. | |||
| CVE-2017-11184 | critical | 9.8 | 9.8 | 9y ago | SQL injection exists in front/devicesoundcard.php in GLPI before 9.1.5 via the start parameter. | |||
| CVE-2017-11673 | critical | 9.8 | 9.8 | 9y ago | Reporter.exe in Acunetix 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed PRE file, related to a "User Mode Write AV starting at re… | |||
| CVE-2017-11643 | critical | 9.8 | 9.8 | 9y ago | GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. | |||
| CVE-2017-11641 | critical | 9.8 | 9.8 | 9y ago | GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. | |||
| CVE-2017-11637 | critical | 9.8 | 9.8 | 9y ago | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | |||
| CVE-2017-11636 | critical | 9.8 | 9.8 | 9y ago | GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. | |||
| CVE-2017-11631 | critical | 9.8 | 9.8 | 9y ago | dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter. | |||
| CVE-2017-11459 | critical | 9.8 | 9.8 | 9y ago | SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Not… | |||
| CVE-2017-11614 | critical | 9.8 | 9.8 | 9y ago | MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the da… | |||
| CVE-2017-11324 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of the backtick character, a SELECT query in class.SystemAction.php is vulnerable to SQL Injection. The vulnerability can be trigge… | |||
| CVE-2017-11589 | critical | 9.8 | 9.8 | 9y ago | On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is no access control … | |||
| CVE-2017-11588 | critical | 9.8 | 9.8 | 9y ago | On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is remote command exe… | |||
| CVE-2017-11585 | critical | 9.8 | 9.8 | 9y ago | dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection. | |||
| CVE-2017-11584 | critical | 9.8 | 9.8 | 9y ago | dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an action=module, action=member, action=form, or action=related request to libraries/Template.php. | |||
| CVE-2017-11583 | critical | 9.8 | 9.8 | 9y ago | dayrui FineCms 5.0.9 has SQL Injection via the catid parameter in an action=related request to libraries/Template.php. | |||
| CVE-2017-11582 | critical | 9.8 | 9.8 | 9y ago | dayrui FineCms 5.0.9 has SQL Injection via the num parameter in an action=related or action=tags request to libraries/Template.php. | |||
| CVE-2017-11543 | critical | 9.8 | 9.8 | 9y ago | tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. | |||
| CVE-2017-11542 | critical | 9.8 | 9.8 | 9y ago | tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. | |||
| CVE-2017-11541 | critical | 9.8 | 9.8 | 9y ago | tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. | |||
| CVE-2017-7336 | critical | 9.8 | 9.8 | 9y ago | A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote attacker to log-in and execute commands with 'upgrade' account privileges. | |||
| CVE-2017-3222 | critical | 9.8 | 9.8 | 9y ago | Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM pri… | |||
| CVE-2017-3221 | critical | 9.8 | 9.8 | 9y ago | Blind SQL injection in Inmarsat AmosConnect 8 login form allows remote attackers to access user credentials, including user names and passwords. | |||
| CVE-2017-2126 | critical | 9.8 | 9.8 | 9y ago | WAPM-1166D firmware Ver.1.2.7 and earlier, WAPM-APG600H firmware Ver.1.16.1 and earlier allows remote attackers to bypass authentication and access the configuration interface via unspecified vectors. | |||
| CVE-2017-7480 | critical | 9.8 | 9.8 | 9y ago | rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution. | |||
| CVE-2017-11519 | critical | 9.8 | 9.8 | 9y ago | passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511. | |||
| CVE-2017-9980 | critical | 9.8 | 9.8 | 9y ago | In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter. | |||
| CVE-2017-9932 | critical | 9.8 | 9.8 | 9y ago | Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for the admin account. | |||
| CVE-2017-11502 | critical | 9.8 | 9.8 | 9y ago | Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321. | |||
| CVE-2017-11495 | critical | 9.8 | 9.8 | 9y ago | PHICOMM K2(PSG1218) devices V22.5.11.5 and earlier allow unauthenticated remote code execution via a request to an unspecified ASP script; alternatively, the attacker can leverage unauthenticated acc… | |||
| CVE-2017-7062 | critical | 9.8 | 9.8 | 9y ago | An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involve… | |||
| CVE-2017-6532 | critical | 9.8 | 9.8 | 9y ago | Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in /mib.db. | |||
| CVE-2017-6531 | critical | 9.8 | 9.8 | 9y ago | On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile. | |||
| CVE-2017-6530 | critical | 9.8 | 9.8 | 9y ago | Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 do not check password.shtml authorization, leading to Arbitrary password change. | |||
| CVE-2017-9785 | critical | 9.8 | 9.8 | 9y ago | Deserialization of Untrusted Data in NancyFX Nancy | |||
| CVE-2017-11474 | critical | 9.8 | 9.8 | 9y ago | GLPI before 9.1.5.1 has SQL Injection in the $crit variable in inc/computer_softwareversion.class.php, exploitable via ajax/common.tabs.php. | |||
| CVE-2017-11471 | critical | 9.8 | 9.8 | 9y ago | IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter. | |||
| CVE-2017-11470 | critical | 9.8 | 9.8 | 9y ago | IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. | |||
| CVE-2017-11465 | critical | 9.8 | 9.8 | 9y ago | The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script… | |||
| CVE-2017-7977 | critical | 9.8 | 9.8 | 9y ago | The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local… | |||
| CVE-2017-11445 | critical | 9.8 | 9.8 | 9y ago | Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array. | |||
| CVE-2017-11444 | critical | 9.8 | 9.8 | 9y ago | Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array. | |||
| CVE-2017-11436 | critical | 9.8 | 9.8 | 9y ago | D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection. | |||
| CVE-2017-11435 | critical | 9.8 | 9.8 | 9y ago | The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the route… | |||
| CVE-2017-11420 | critical | 9.8 | 9.8 | 9y ago | Stack-based buffer overflow in ASUS_Discovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RT_AC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-… | |||
| CVE-2017-11419 | critical | 9.8 | 9.8 | 9y ago | Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST['id'] and $_POST['art_title']. | |||
| CVE-2017-11418 | critical | 9.8 | 9.8 | 9y ago | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $_GET['cat'], $_GET['user'], $_GET['level'], and $_GET['iSortCol_'.$i]. | |||
| CVE-2017-11417 | critical | 9.8 | 9.8 | 9y ago | Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_status.php via $_GET['id']. | |||
| CVE-2017-11416 | critical | 9.8 | 9.8 | 9y ago | Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter. |