本ページは dtracker_project dtracker に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2017-1002007 | Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table. | [email protected] | 7.5 | 4.62% | 2017-09-14 | 2026-05-13 |
| CVE-2017-1002006 | Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check that the user is authorized before injecting new contacts into the wp_contact table. | [email protected] | 7.5 | 4.62% | 2017-09-14 | 2026-05-13 |
| CVE-2017-1002005 | Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/delete.php user input isn't sanitized via the contact_id variable before adding it to the end of an SQL query. | [email protected] | 7.5 | 5.41% | 2017-09-14 | 2026-05-13 |
| CVE-2017-1002004 | Vulnerability in wordpress plugin DTracker v1.5, In file ./dtracker/download.php user input isn't sanitized via the id variable before adding it to the end of an SQL query. | [email protected] | 7.5 | 5.50% | 2017-09-14 | 2026-05-13 |