Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6565 | 1 Imagely | 1 Nextgen Gallery | 2019-10-09 | 6.0 MEDIUM | 7.5 HIGH |
| The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 does not properly validate user input in the cssfile parameter of a HTTP POST request, which may allow an authenticated user to read arbitrary files from the server, or execute arbitrary code on the server in some circumstances (dependent on server configuration). | |||||
| CVE-2014-9186 | 1 Honeywell | 1 Experion Process Knowledge System | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file into the function, and potential information disclosure or remote code execution. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version. | |||||