CVE-2017-15962
iStock Management System 1.0 allows Arbitrary File Upload via user/profile.
Source: CVE-2017-15962
[월:] 2017년 10월
CVE-2017-15964
CVE-2017-15964
Job Board Script Software allows SQL Injection via the PATH_INFO to a /job-details URI.
Source: CVE-2017-15964
CVE-2017-15961
CVE-2017-15961
iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php.
Source: CVE-2017-15961
CVE-2017-15965
CVE-2017-15965
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.
Source: CVE-2017-15965
CVE-2017-15963
CVE-2017-15963
iTech Gigs Script 1.21 allows SQL Injection via the browse-scategory.php sc parameter or the service-provider.php ser parameter.
Source: CVE-2017-15963
CVE-2017-15966
CVE-2017-15966
The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.
Source: CVE-2017-15966
CVE-2017-15968
CVE-2017-15968
MyBuilder Clone 1.0 allows SQL Injection via the phpsqlsearch_genxml.php subcategory parameter.
Source: CVE-2017-15968
CVE-2017-15974
CVE-2017-15974
tPanel 2009 allows SQL injection for Authentication Bypass via ‘or 1=1 or ”=’ to login.php.
Source: CVE-2017-15974
CVE-2017-15970
CVE-2017-15970
PHP CityPortal 2.0 allows SQL Injection via the nid parameter to index.php in a page=news action, or the cat parameter.
Source: CVE-2017-15970
CVE-2017-15967
CVE-2017-15967
Mailing List Manager Pro 3.0 allows SQL Injection via the edit parameter to admin/users in a sort=login action, or the edit parameter to admin/template.
Source: CVE-2017-15967