Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2015-7743 | XXE vulnerability in Paessler Prtg Network Monitor XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses a crafted XML file. | 6.5 |
| 2017-01-23 | CVE-2014-9772 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters. | 6.1 |
| 2017-01-23 | CVE-2013-7454 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings. | 6.1 |
| 2017-01-23 | CVE-2013-7453 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing. | 6.1 |
| 2017-01-23 | CVE-2013-7452 | Cross-site Scripting vulnerability in Nodejs Node.Js The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI. | 6.1 |
| 2017-01-23 | CVE-2013-7451 | Cross-site Scripting vulnerability in Nodejs Node.Js 1.0.4 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag. | 6.1 |
| 2017-01-23 | CVE-2017-5553 | Cross-site Scripting vulnerability in B2Evolution Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL. | 5.4 |
| 2017-01-23 | CVE-2017-5544 | Resource Exhaustion vulnerability in Fiberhome Fengine S5800 Firmware V210R240 An issue was discovered on FiberHome Fengine S5800 switches V210R240. | 5.9 |
| 2017-01-23 | CVE-2016-9870 | LDAP Injection vulnerability in EMC Isilon Onefs EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system. | 6.7 |
| 2017-01-23 | CVE-2016-8213 | Cross-site Scripting vulnerability in EMC products EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and Version 7.2 prior to P18 contain a Stored Cross-Site Scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |