CVE-2017-17905
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
Source: CVE-2017-17905
CVE-2017-17908
PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general.
Source: CVE-2017-17908
CVE-2017-17934
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
Source: CVE-2017-17934
CVE-2017-17931
PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.
Source: CVE-2017-17931
CVE-2017-17907
PHP Scripts Mall Car Rental Script has XSS via the admin/areaedit.php carid parameter or the admin/sitesettings.php websitename parameter.
Source: CVE-2017-17907
CVE-2017-17911
packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?p=core/contact request, aka Open Bug Bounty ID OBB-278503.
Source: CVE-2017-17911
CVE-2017-17909
PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter.
Source: CVE-2017-17909
CVE-2017-17913
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type.
Source: CVE-2017-17913
CVE-2017-17914
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
Source: CVE-2017-17914
CVE-2017-17912
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region.
Source: CVE-2017-17912