Commits on Source (2)
......@@ -37347,6 +37347,7 @@ CVE-2017-17782 (In GraphicsMagick 1.3.27a, there is a heap-based buffer over-rea
CVE-2017-17781 (In Horde Groupware through 5.2.22, SQL Injection exists via the group ...)
- php-horde <undetermined>
NOTE: http://code610.blogspot.com/2017/12/modus-operandi-horde-52x.html
NOTE: https://bugs.horde.org/ticket/14857
CVE-2017-17780 (The Clockwork SMS clockwork-test-message.php component has XSS via a ...)
NOT-FOR-US: Clockwork SMS plugins for WordPress
CVE-2017-17779 (Paid To Read Script 2.0.5 has SQL injection via the referrals.php id ...)
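Review bot: The NOTE for https://bugs.horde.org/ticket/14857 under CVE-2017-17781 does not say what the ticket covers, and the same ticket URL is attached to the XSS entries CVE-2017-16908, CVE-2017-16907 and CVE-2017-16906 elsewhere in this change, while this entry is an SQL injection. Please confirm that ticket 14857 actually tracks the SQL injection, and if it is one upstream report covering several issues, say so on the NOTE line so the reference is not mistaken for a per-issue fix. The entry also stays at "- php-horde <undetermined>", so the ticket reference alone does not settle whether the package is affected.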
......@@ -47680,14 +47681,17 @@ CVE-2017-16909
CVE-2017-16908 (In Horde Groupware 5.2.19, there is XSS via the Name field during ...)
- php-horde <undetermined>
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
TODO: check
CVE-2017-16907 (In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field ...)
- php-horde <undetermined>
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
TODO: check
CVE-2017-16906 (In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a ...)
- php-horde <undetermined>
NOTE: http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html
NOTE: https://bugs.horde.org/ticket/14857
TODO: check
CVE-2017-16905 (The DuoLingo TinyCards application before 1.0 for Android has one use ...)
NOT-FOR-US: DuoLingo TinyCards application
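Review bot: "TODO: check" is still present under CVE-2017-16908, CVE-2017-16907 and CVE-2017-16906 even though each entry now carries the upstream ticket NOTE, and all three remain "- php-horde <undetermined>". If the ticket was read in order to add the reference, either resolve the TODO or state what is still to be checked. The three descriptions give different affected versions (5.2.19; 5.2.19 and 5.2.21; 5.2.19-5.2.22) and different fields (Name, Color, URL), so one identical NOTE for ticket 14857 on all of them should be checked against the ticket to make sure it covers each field rather than only one.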