Security Vulnerabilities - CVEs Published In 2017
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2017-12-27

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2017-12-27

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.
CVSS Score: 6.5
EPSS Score: 0.003
Published: 2017-12-27

In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2017-12-27

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance System WS100 --> AWU 500, Sauter ERW100F001, Carlo Gavazzi SIU-DLG, AEDILIS SMART-1, SYXTHSENSE WebBiter, ABB SREA, and ASCON DY WebServer devices, allows remote authenticated users to execute arbitrary OS commands via crafted multipart/form-data content, a different vulnerability than CVE-2017-9097.
CVSS Score: 8.8
EPSS Score: 0.099
Published: 2017-12-27

Readymade Video Sharing Script has CSRF via user-profile-edit.php.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2017-12-27

Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.
CVSS Score: 9.8
EPSS Score: 0.003
Published: 2017-12-27

Readymade Video Sharing Script has XSS via the search_video.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2017-12-27

Readymade Job Site Script has CSRF via the /job URI.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2017-12-27

Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI.
CVSS Score: 9.8
EPSS Score: 0.003
Published: 2017-12-27

