CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2018-15365 79 XSS Bypass CSRF 2018-09-28 2018-11-16
3.5
None Remote Medium Single system None Partial None
A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
452 CVE-2018-15199 79 XSS 2018-08-07 2018-10-04
3.5
None Remote Medium Single system None Partial None
AuraCMS 2.3 allows XSS via a Bukutamu -> AddGuestbook action.
453 CVE-2018-15190 79 XSS 2018-08-10 2018-10-06
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First Name, Last Name, or Address field.
454 CVE-2018-15189 79 XSS 2018-08-10 2018-10-05
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.
455 CVE-2018-15184 79 XSS 2018-08-09 2018-10-09
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795.
456 CVE-2018-15182 79 XSS 2018-08-09 2018-10-05
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields.
457 CVE-2018-15130 79 XSS 2018-08-07 2018-10-05
3.5
None Remote Medium Single system None Partial None
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&ac=create&ts=do groupdesc parameter.
458 CVE-2018-15129 79 XSS 2018-08-07 2018-10-05
3.5
None Remote Medium Single system None Partial None
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&ac=comment&ts=do content parameter.
459 CVE-2018-15000 264 2019-04-25 2019-05-02
3.3
None Local Medium Not required Partial Partial None
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot (versionCode=1, versionName=3.0.0). This app contains an exported service named com.vivo.smartshot.ui.service.ScreenRecordService that will record the screen for 60 minutes and write the mp4 file to a location of the user's choosing. Normally, a recording notification will be visible to the user, but we discovered an approach to make it mostly transparent to the user by quickly removing a notification and floating icon. The user can see a floating icon and notification appear and disappear quickly due to quickly stopping and restarting the service with different parameters that do not interfere with the ongoing screen recording. The screen recording lasts for 60 minutes and can be written directly to the attacking app's private directory.
460 CVE-2018-14980 77 DoS 2019-04-25 2019-05-02
3.6
None Local Low Not required Partial Partial None
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by ASUS or another entity in the supply chain. The system_server process in the core android package has an exported broadcast receiver that allows any app co-located on the device to programmatically initiate the taking of a screenshot and have the resulting screenshot be written to external storage (i.e., sdcard). The taking of a screenshot is not transparent to the user; the device has a screen animation as the screenshot is taken and there is a notification indicating that a screenshot occurred. If the attacking app also requests the EXPAND_STATUS_BAR permission, it can wake the device up using certain techniques and expand the status bar to take a screenshot of the user's notifications even if the device has an active screen lock. The notifications may contain sensitive data such as text messages used in two-factor authentication. The system_server process that provides this capability cannot be disabled, as it is part of the Android framework. The notification can be removed by a local Denial of Service (DoS) attack to reboot the device.
461 CVE-2018-14976 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS.
462 CVE-2018-14975 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS.
463 CVE-2018-14974 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS.
464 CVE-2018-14973 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS.
465 CVE-2018-14972 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS.
466 CVE-2018-14971 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS.
467 CVE-2018-14970 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS.
468 CVE-2018-14969 79 XSS 2018-08-06 2018-10-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS.
469 CVE-2018-14964 79 XSS 2018-08-06 2018-10-04
3.5
None Remote Medium Single system None Partial None
An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page.
470 CVE-2018-14962 79 XSS 2018-08-06 2018-10-04
3.5
None Remote Medium Single system None Partial None
zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php.
471 CVE-2018-14937 79 XSS 2018-08-04 2018-09-27
3.5
None Remote Medium Single system None Partial None
The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field.
472 CVE-2018-14936 79 XSS 2018-08-04 2018-09-27
3.5
None Remote Medium Single system None Partial None
The Add page option in my little forum 2.4.12 allows XSS via the Title field.
473 CVE-2018-14934 284 2018-11-15 2018-12-19
3.3
None Local Network Low Not required Partial None None
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
474 CVE-2018-14890 79 XSS 2018-09-21 2018-11-07
3.5
None Remote Medium Single system None Partial None
Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console.
475 CVE-2018-14877 79 XSS 2018-08-02 2018-09-27
3.5
None Remote Medium Single system None Partial None
An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS page.
476 CVE-2018-14875 79 XSS 2019-04-30 2019-05-03
3.5
None Remote Medium Single system None Partial None
An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. Reflected XSS exists with an authenticated session via the Customerid, formName, FrameId, or MODE parameter.
477 CVE-2018-14873 79 XSS 2018-08-02 2018-09-27
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Rincewind 0.1. There is a cross-site scripting (XSS) vulnerability involving a p=account request to index.php and another file named commonPages.php.
478 CVE-2018-14869 79 XSS 2018-08-06 2018-10-04
3.5
None Remote Medium Single system None Partial None
PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile.
479 CVE-2018-14853 476 Exec Code 2018-12-17 2019-01-08
3.3
None Local Network Low Not required None None Partial
A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.
480 CVE-2018-14850 79 +Priv XSS 2018-08-13 2018-10-10
3.5
None Remote Medium Single system None Partial None
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
481 CVE-2018-14849 79 XSS 2018-08-13 2018-10-10
3.5
None Remote Medium Single system None Partial None
Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
482 CVE-2018-14846 79 XSS 2018-12-20 2019-01-24
3.5
None Remote Medium Single system None Partial None
The Mondula Multi Step Form plugin before 1.2.8 for WordPress has multiple stored XSS via wp-admin/admin-ajax.php.
483 CVE-2018-14837 79 XSS 2018-08-10 2018-10-05
3.5
None Remote Medium Single system None Partial None
Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/admin/snippet/edit/1 URI.
484 CVE-2018-14835 79 XSS 2018-08-01 2018-09-28
3.5
None Remote Medium Single system None Partial None
Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping added to the tooltip information being displayed in multiple areas.
485 CVE-2018-14777 79 XSS 2018-08-01 2018-10-02
3.5
None Remote Medium Single system None Partial None
An issue was discovered in DataLife Engine (DLE) through 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users.
486 CVE-2018-14776 79 XSS 2018-08-01 2018-09-27
3.5
None Remote Medium Single system None Partial None
Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document.
487 CVE-2018-14664 79 Exec Code XSS 2018-10-12 2019-05-14
3.5
None Remote Medium Single system None Partial None
A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists due to an improperly escaped HTML code in the breadcrumbs bar. This allows a user with permissions to edit which attribute is used in the breadcrumbs bar to store code that will be executed on the client side.
488 CVE-2018-14636 284 2018-09-10 2018-12-07
3.5
None Remote Medium Single system Partial None None
Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
489 CVE-2018-14606 79 XSS 2018-07-26 2018-09-18
3.5
None Remote Medium Single system None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion.
490 CVE-2018-14605 79 XSS 2018-07-26 2018-09-18
3.5
None Remote Medium Single system None Partial None
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit.
491 CVE-2018-14541 79 XSS 2018-08-03 2018-09-27
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
492 CVE-2018-14526 320 2018-08-08 2019-05-08
3.3
None Local Network Low Not required Partial None None
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
493 CVE-2018-14497 79 XSS 2018-08-03 2018-09-28
3.5
None Remote Medium Single system None Partial None
Tenda D152 ADSL routers allow XSS via a crafted SSID.
494 CVE-2018-14432 200 Bypass +Info 2018-07-31 2018-10-12
3.5
None Remote Medium Single system Partial None None
In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. An authenticated user may discover projects they have no authority to access, leaking all projects in the deployment and their attributes. Only Keystone with the /v3/OS-FEDERATION endpoint enabled via policy.json is affected.
495 CVE-2018-14419 79 XSS 2018-07-19 2018-09-14
3.5
None Remote Medium Single system None Partial None
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.
496 CVE-2018-14397 79 XSS 2018-09-07 2018-10-31
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters.
497 CVE-2018-14396 79 XSS 2018-09-07 2018-10-31
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters.
498 CVE-2018-14388 79 XSS 2018-07-18 2018-09-12
3.5
None Remote Medium Single system None Partial None
joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php can_search_device array parameter.
499 CVE-2018-14329 362 2018-07-16 2018-09-13
3.3
None Local Medium Not required None Partial Partial
In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.
500 CVE-2018-14082 79 XSS 2018-07-18 2018-09-14
3.5
None Remote Medium Single system None Partial None
PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 has Cross-site Scripting (XSS) via the search bar.
Total number of vulnerabilities : 4066   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.