CVE-2017-16356

EPSS 0.30% · P53 Updated Feb 21, 2026

Public Exploits 1

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-16356

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Kubik-Rubik SIGE 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Kubik-Rubik Simple Image Gallery Extended（SIGE）是使用在Joomla!（内容管理系统）中的一个图片管理扩展组件。 Kubik-Rubik SIGE 3.3.0之前版本中存在跨站脚本漏洞。攻击者可通过诱使用户访问带有特制的‘img’、‘name’或‘caption’参数的plugins/content/sige/plugin_sige/print.php链接利用该漏洞在用户浏览器中执行JavaScript代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-16356

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-16356

请登录查看更多情报信息。

http://packetstormsecurity.com/files/146422/Joomla-Kubik-Rubik-SIGE-3.2.3-Cross-Site-Scripting.htmlx_refsource_MISC
https://www.exploit-db.com/exploits/44104/exploitx_refsource_EXPLOIT-DB
https://nvd.nist.gov/vuln/detail/CVE-2017-16356

Same Patch Batch · n/a · 2018-02-20 · 27 CVEs total

CVE-2018-6356		CloudBees Jenkins和Jenkins LTS 路径遍历漏洞
CVE-2018-7259		Flight Sim Labs A320-X FSX / P3Dv4 installer 信息泄露漏洞
CVE-2017-18192		Photo,Video Locker-Calculator application for Android 信息泄露漏洞
CVE-2017-16835		Photo,Video Locker-Calculator application for Android 信息泄露漏洞
CVE-2015-9256		Datto ALTO和SIRIS devices 信息泄露漏洞
CVE-2015-9255		Datto ALTO和SIRIS devices 信息泄露漏洞
CVE-2015-9254		Datto ALTO和SIRIS devices 安全漏洞
CVE-2015-2081		Datto ALTO和SIRIS devices 输入验证漏洞
CVE-2018-7205		Kentico 跨站脚本漏洞
CVE-2018-7046		Kentico 操作系统命令注入漏洞
CVE-2018-6941		NAT32 HTTPD组件跨站请求伪造漏洞
CVE-2018-6940		NAT32 HTTPD组件跨站脚本漏洞
CVE-2018-6459		strongSwan 安全漏洞
CVE-2017-12415		OXID eSales OXID eShop 跨站请求伪造漏洞
CVE-2016-6272		EPIC MyChart SQL注入漏洞
CVE-2017-6193		APNGDis 缓冲区错误漏洞
CVE-2017-6192		APNGDis 缓冲区错误漏洞
CVE-2018-5477		ABB netCADOPS Web Application 信息泄露漏洞
CVE-2017-10963		Samsung Knox SDS IAM和EMM 安全漏洞
CVE-2015-6544		Combodo iTop 跨站脚本漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-16356

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-16356

Public Exploits 1

I. Basic Information for CVE-2017-16356

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-16356

III. Intelligence Information for CVE-2017-16356

Same Patch Batch · n/a · 2018-02-20 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-16356

Leave a comment