映射到 CWE-77,CWE-89,CWE-564 的搜索结果 (4697)

CVE-2018-7735(发布:2018-03-06 14:29:00)NM
CVSS6.5

[原文]Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata&section=cpanel&page=list_filetypes request.

CVE-2018-7732(发布:2018-03-06 13:29:00)NM
CVSS7.5

[原文]An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiController.class.php via the ids array parameter to exam/shiti/delshiti.html.

CVE-2018-7666(发布:2018-03-05 02:29:00)NM
CVSS7.5

[原文]An issue was discovered in ClipBucket before 4.0.0 Release 4902. SQL injection vulnerabilities exist in the actions/vote_channel.php channelId parameter, the ajax/commonAjax.php email parameter, and the ajax/commonAjax.php username parameter.

CVE-2017-9274(发布:2018-03-01 15:29:01)NM
CVSS9.3

[原文]A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

CVE-2018-7579(发布:2018-03-01 14:29:00)NM
CVSS6.5

[原文]\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.

CVE-2018-5314(发布:2018-03-01 12:29:00)NMS
CVSS5.0

[原文]Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.

首页上一页345678910下一页尾页 第5页 / 共783页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站