Show filters
49 Total Results
Displaying 21-30 of 49
Sort by:
Attacker Value
Unknown
CVE-2017-17939
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
0
Attacker Value
Unknown
CVE-2017-17938
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall Single Theater Booking has XSS via the admin/viewtheatre.php theatreid parameter.
0
Attacker Value
Unknown
CVE-2017-17940
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php.
0
Attacker Value
Unknown
CVE-2017-17941
Disclosure Date: December 28, 2017 (last updated November 26, 2024)
PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid parameter.
0
Attacker Value
Unknown
CVE-2017-17634
Disclosure Date: December 13, 2017 (last updated November 26, 2024)
Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
0
Attacker Value
Unknown
CVE-2017-17633
Disclosure Date: December 13, 2017 (last updated November 26, 2024)
Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter.
0
Attacker Value
Unknown
CVE-2017-9646
Disclosure Date: August 14, 2017 (last updated November 26, 2024)
An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system using a malicious DLL file.
0
Attacker Value
Unknown
CVE-2016-9185
Disclosure Date: November 04, 2016 (last updated November 25, 2024)
In OpenStack Heat, by launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. Affected versions are <=5.0.3, >=6.0.0 <=6.1.0, and ==7.0.0.
0
Attacker Value
Unknown
CVE-2016-1000136
Disclosure Date: October 10, 2016 (last updated November 25, 2024)
Reflected XSS in wordpress plugin heat-trackr v1.0
0
Attacker Value
Unknown
CVE-2015-5271
Disclosure Date: April 15, 2016 (last updated November 25, 2024)
The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive information from private containers via unspecified vectors.
0
