CVE & Exploit Intelligence Database

CVE-2016-7981 6.1 MEDIUM NUCLEI EPSS 0.37

Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.

CWE-79 Jan 18, 2017

CVE-2016-7906 5.5 MEDIUM 1 Writeup EPSS 0.00

magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.

CWE-416 Jan 18, 2017

CVE-2016-7799 6.5 MEDIUM 1 Writeup EPSS 0.01

MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.

CWE-125 Jan 18, 2017

CVE-2016-7150 5.4 MEDIUM EPSS 0.00

Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the site name.

CWE-79 Jan 18, 2017

CVE-2016-7149 6.1 MEDIUM EPSS 0.01

Cross-site scripting (XSS) vulnerability in b2evolution 6.7.5 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to the autolink function.

CWE-79 Jan 18, 2017

CVE-2016-7101 6.5 MEDIUM EPSS 0.01

The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.

CWE-125 Jan 18, 2017

CVE-2015-8684 6.1 MEDIUM EPSS 0.00

Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality.

CWE-79 Jan 18, 2017

CVE-2015-8667 6.1 MEDIUM EPSS 0.00

Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email.

CWE-79 Jan 18, 2017

CVE-2014-9913 4.0 MEDIUM EPSS 0.04

Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method.

CWE-119 Jan 18, 2017

CVE-2017-5516 6.1 MEDIUM EPSS 0.00

Multiple cross-site scripting (XSS) vulnerabilities in the user forms in GeniXCMS through 0.0.8 allow remote attackers to inject arbitrary web script or HTML via crafted parameters.

CWE-79 Jan 17, 2017

CVE-2017-5515 5.4 MEDIUM EPSS 0.00

Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names.

CWE-79 Jan 17, 2017

CVE-2017-5223 5.5 MEDIUM 2 PoCs Analysis EPSS 0.12

An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative image URLs get treated as absolute local file paths and added as attachments. To form a remote vulnerability, the msgHTML method must be called, passed an unfiltered, user-supplied HTML document, and must not set a base directory.

CWE-200 Jan 16, 2017

CVE-2017-5494 5.4 MEDIUM 1 Writeup EPSS 0.00

Multiple cross-site scripting (XSS) vulnerabilities in the file types table in b2evolution through 6.8.3 allow remote authenticated users to inject arbitrary web script or HTML via a .swf file in a (1) comment frame or (2) avatar frame.

CWE-79 Jan 15, 2017

CVE-2017-5491 5.3 MEDIUM 1 Writeup EPSS 0.02

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

CWE-1188 Jan 15, 2017

CVE-2017-5490 6.1 MEDIUM 1 Writeup EPSS 0.01

Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php.

CWE-79 Jan 15, 2017

CVE-2017-5488 6.1 MEDIUM 1 Writeup EPSS 0.01

Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.

CWE-79 Jan 15, 2017

CVE-2017-5487 5.3 MEDIUM 12 PoCs Analysis EPSS 0.92

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.

CWE-200 Jan 15, 2017

CVE-2017-5474 6.1 MEDIUM 1 Writeup EPSS 0.00

Open redirect vulnerability in comment.php in Serendipity through 2.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header.

CWE-601 Jan 14, 2017

CVE-2017-0398 5.5 MEDIUM EPSS 0.00

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android IDs: A-32438594, A-32635664.

CWE-200 Jan 13, 2017

CVE-2016-9813 5.5 MEDIUM 1 PoC Analysis EPSS 0.05

The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

CWE-476 Jan 13, 2017