CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
801 CVE-2018-18936 22 Dir. Trav. 2018-11-05 2018-12-11
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.
802 CVE-2018-18935 352 CSRF 2018-11-05 2018-12-10
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account.
803 CVE-2018-18891 287 2018-10-31 2018-12-03
6.4
None Remote Low Not required None Partial Partial
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
804 CVE-2018-18881 254 DoS 2019-03-21 2019-04-03
6.8
None Remote Low Single system None None Complete
A Denial of Service (DOS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory reset is required to restore the device to an operational state.
805 CVE-2018-18879 94 2019-06-18 2019-06-18
6.5
None Remote Low Single system Partial Partial Partial
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
806 CVE-2018-18877 287 2019-06-18 2019-06-18
6.5
None Remote Low Single system Partial Partial Partial
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.
807 CVE-2018-18873 476 2018-10-31 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
808 CVE-2018-18862 264 2019-03-21 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
809 CVE-2018-18842 352 Exec Code CSRF 2018-10-30 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP 1.5.2.1935 (Zero), which allows remote attackers to execute arbitrary PHP code.
810 CVE-2018-18820 119 DoS Exec Code Overflow 2018-11-05 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.
811 CVE-2018-18802 352 CSRF 2019-06-18 2019-06-18
6.8
None Remote Medium Not required Partial Partial Partial
The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.
812 CVE-2018-18799 352 CSRF 2018-11-16 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
813 CVE-2018-18797 352 CSRF 2018-11-16 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
814 CVE-2018-18794 352 CSRF 2018-11-16 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
815 CVE-2018-18790 89 Sql 2018-10-29 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
816 CVE-2018-18788 89 Sql 2018-10-29 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)
817 CVE-2018-18784 89 Sql 2018-10-29 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)
818 CVE-2018-18773 352 CSRF 2018-11-20 2018-11-29
6.8
None Remote Medium Not required Partial Partial Partial
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=rootpwd, as demonstrated by changing the root password.
819 CVE-2018-18772 352 CSRF 2018-11-20 2018-11-29
6.8
None Remote Medium Not required Partial Partial Partial
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=send_ssh, as demonstrated by executing an arbitrary OS command.
820 CVE-2018-18765 125 DoS 2018-10-29 2018-12-07
6.4
None Remote Low Not required Partial None Partial
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.
821 CVE-2018-18764 125 DoS 2018-10-29 2018-12-07
6.4
None Remote Low Not required Partial None Partial
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.
822 CVE-2018-18742 352 CSRF 2018-10-29 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
823 CVE-2018-18735 352 CSRF 2018-10-29 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33.
824 CVE-2018-18734 352 CSRF 2018-10-29 2018-11-13
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.
825 CVE-2018-18712 352 CSRF 2018-10-29 2018-11-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.
826 CVE-2018-18711 352 CSRF 2018-10-29 2018-11-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
827 CVE-2018-18699 787 2018-10-29 2018-12-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
828 CVE-2018-18696 352 CSRF 2018-12-28 2019-05-15
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. NOTE: The vendor claims that documentation for preventing a CSRF attack has been provided (https://community.microstrategy.com/s/article/KB37643-New-security-feature-introduced-in-MicroStrategy-Web-9-0?language=en_US) and disagrees that this issue is a vulnerability. They also claim that MicroStrategy was never properly informed of this issue via normal support channels or their vulnerability reporting page on their website, so they were unable to evaluate the report or explain how this is something their customers view as a feature and not a security vulnerability.
829 CVE-2018-18646 918 2018-12-04 2018-12-27
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF.
830 CVE-2018-18626 20 2018-10-23 2018-12-04
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in PHPYun V4.6. There is a vulnerability that can delete any file or directory via the "admin/index.php?m=database&c=del" sql parameter because del_action() in admin/model/database.class.php mishandles this parameter.
831 CVE-2018-18599 787 2018-10-23 2018-12-04
6.8
None Remote Medium Not required Partial Partial Partial
Stegdetect through 2018-05-26 has an out-of-bounds write in f5_compress in the f5.c file.
832 CVE-2018-18583 119 Overflow 2018-10-22 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a swap.
833 CVE-2018-18582 119 Overflow 2018-10-22 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette.
834 CVE-2018-18581 119 Overflow 2018-10-22 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c.
835 CVE-2018-18571 287 2019-06-05 2019-06-05
6.4
None Remote Low Not required Partial Partial None
An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device.
836 CVE-2018-18559 416 2018-10-22 2019-05-14
6.8
None Remote Medium Not required Partial Partial Partial
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
837 CVE-2018-18558 20 Exec Code Bypass 2019-05-13 2019-05-14
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that overwrites a bootloader code segment in process_segment in components/bootloader_support/src/esp_image_format.c. The attack is effective when the flash encryption feature is not enabled, or if the attacker finds a different vulnerability that allows them to write this binary to flash memory.
838 CVE-2018-18557 787 2018-10-22 2019-05-09
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
839 CVE-2018-18550 89 Sql 2018-10-21 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user.
840 CVE-2018-18519 426 +Priv 2018-11-19 2018-12-17
6.8
None Remote Medium Not required Partial Partial Partial
BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group.
841 CVE-2018-18489 20 DoS 2019-04-16 2019-04-17
6.8
None Remote Low Single system None None Complete
The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of 1472.
842 CVE-2018-18485 22 Dir. Trav. 2018-10-18 2019-01-08
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the product by deleting install.lock.
843 CVE-2018-18483 190 DoS Overflow 2018-10-18 2018-12-29
6.8
None Remote Medium Not required Partial Partial Partial
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.
844 CVE-2018-18444 787 2018-10-17 2018-11-30
6.8
None Remote Medium Not required Partial Partial Partial
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
845 CVE-2018-18436 352 CSRF 2018-10-17 2018-11-30
6.8
None Remote Medium Not required Partial Partial Partial
JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI.
846 CVE-2018-18432 352 CSRF 2018-10-17 2018-11-29
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in DESTOON B2B 7.0. CSRF exists via the admin.php URI in an action=add request.
847 CVE-2018-18422 352 CSRF 2018-10-17 2018-11-30
6.8
None Remote Medium Not required Partial Partial Partial
UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI.
848 CVE-2018-18420 352 CSRF 2018-10-19 2018-12-04
6.8
None Remote Medium Not required Partial Partial Partial
Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI.
849 CVE-2018-18392 264 2018-10-19 2018-12-03
6.5
None Remote Low Single system Partial Partial Partial
Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
850 CVE-2018-18391 264 2018-10-19 2018-12-03
6.5
None Remote Low Single system Partial Partial Partial
User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.