| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
8451 |
CVE-2018-17133 |
94 |
|
Exec Code |
2018-09-17 |
2018-11-01 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting. |
|
8452 |
CVE-2018-17132 |
94 |
|
Exec Code |
2018-09-17 |
2018-11-01 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter. |
|
8453 |
CVE-2018-17131 |
94 |
|
Exec Code |
2018-09-17 |
2018-11-01 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field. |
|
8454 |
CVE-2018-17130 |
79 |
|
XSS |
2018-09-17 |
2018-11-01 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header, |
|
8455 |
CVE-2018-17129 |
89 |
|
Sql |
2018-09-17 |
2018-11-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field. |
|
8456 |
CVE-2018-17128 |
79 |
|
XSS |
2018-09-17 |
2018-11-07 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode. |
|
8457 |
CVE-2018-17125 |
22 |
|
Dir. Trav. |
2018-09-17 |
2018-11-19 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring to plugins\sys\admin\Plugins.php. |
|
8458 |
CVE-2018-17113 |
79 |
|
XSS |
2018-09-17 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf in EasyCMS 1.5 has XSS via the uploadifyID or movieName parameter, a related issue to CVE-2018-9173. |
|
8459 |
CVE-2018-17108 |
417 |
|
|
2018-09-16 |
2018-12-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application. |
|
8460 |
CVE-2018-17106 |
119 |
|
Overflow |
2018-09-16 |
2018-11-28 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable of the do_mkd function in the ftpproto.c file. An attacker can overwrite ebp via a long pathname. |
|
8461 |
CVE-2018-17104 |
352 |
|
CSRF |
2018-09-16 |
2018-11-20 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Microweber 1.0.7. There is a CSRF attack (against the admin user) that can add an administrative account via api/save_user. |
|
8462 |
CVE-2018-17103 |
352 |
|
CSRF |
2018-09-16 |
2018-11-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator's password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter. |
|
8463 |
CVE-2018-17102 |
352 |
|
CSRF |
2018-09-16 |
2018-11-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI. |
|
8464 |
CVE-2018-17101 |
787 |
|
DoS |
2018-09-16 |
2019-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. |
|
8465 |
CVE-2018-17100 |
190 |
|
DoS Overflow |
2018-09-16 |
2019-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. |
|
8466 |
CVE-2018-17098 |
119 |
|
DoS Overflow |
2018-09-16 |
2018-11-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. |
|
8467 |
CVE-2018-17097 |
415 |
|
DoS |
2018-09-16 |
2018-11-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. |
|
8468 |
CVE-2018-17096 |
617 |
|
DoS |
2018-09-16 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. |
|
8469 |
CVE-2018-17095 |
119 |
|
Overflow |
2018-09-16 |
2019-01-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. |
|
8470 |
CVE-2018-17094 |
476 |
|
|
2018-09-16 |
2018-11-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue has been discovered in mackyle xar 1.6.1. There is a NULL pointer dereference in xar_unserialize in lib/archive.c. |
|
8471 |
CVE-2018-17093 |
476 |
|
|
2018-09-16 |
2018-11-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue has been discovered in mackyle xar 1.6.1. There is a NULL pointer dereference in xar_get_path in lib/util.c. |
|
8472 |
CVE-2018-17092 |
89 |
|
Sql +Info |
2018-09-16 |
2019-10-02 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
An issue was discovered in DonLinkage 6.6.8. SQL injection in /pages/proxy/php.php and /pages/proxy/add.php can be exploited via specially crafted input, allowing an attacker to obtain information from a database. The vulnerability can only be triggered by an authorized user. |
|
8473 |
CVE-2018-17091 |
200 |
|
+Info |
2018-09-16 |
2018-11-01 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
An issue was discovered in DonLinkage 6.6.8. It allows remote attackers to obtain potentially sensitive information via a direct request for files/temporary.txt. |
|
8474 |
CVE-2018-17090 |
79 |
|
XSS |
2018-09-16 |
2018-11-01 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
An issue was discovered in DonLinkage 6.6.8. The modules /pages/bazy/bazy_adresow.php and /pages/proxy/add.php are vulnerable to stored XSS that can be triggered by closing <textarea> followed by <script></script> tags. |
|
8475 |
CVE-2018-17088 |
190 |
|
Overflow |
2018-09-16 |
2018-11-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability. |
|
8476 |
CVE-2018-17086 |
79 |
|
XSS |
2018-09-16 |
2018-11-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in OTCMS 3.61. XSS exists in admin/share_switch.php via these parameters: fieldName fieldName2 tabName. |
|
8477 |
CVE-2018-17085 |
79 |
|
XSS |
2018-09-16 |
2018-11-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php via these parameters: dataTypeCN dataMode dataModeStr. |
|
8478 |
CVE-2018-17082 |
79 |
|
XSS |
2018-09-16 |
2019-08-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. |
|
8479 |
CVE-2018-17081 |
352 |
|
CSRF |
2018-09-26 |
2018-11-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&ajax_used=1&id= for changing the title of an arbitrary page. |
|
8480 |
CVE-2018-17079 |
79 |
|
XSS |
2019-06-19 |
2019-06-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in ZRLOG 2.0.1. There is a Stored XSS vulnerability in the nickname field of the comment area. |
|
8481 |
CVE-2018-17077 |
79 |
|
XSS Bypass |
2018-09-15 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed. |
|
8482 |
CVE-2018-17076 |
119 |
|
Overflow |
2018-09-15 |
2018-11-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file. |
|
8483 |
CVE-2018-17075 |
20 |
|
|
2018-09-15 |
2019-03-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit. |
|
8484 |
CVE-2018-17074 |
601 |
|
|
2018-09-15 |
2018-11-23 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter. |
|
8485 |
CVE-2018-17073 |
476 |
|
|
2018-09-15 |
2018-11-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image. |
|
8486 |
CVE-2018-17071 |
338 |
|
|
2018-09-18 |
2018-12-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entry_number. This variable is private, yet it is readable by eth.getStorageAt function. Also, attackers can purchase a ticket at a low price by directly calling the fallback function with small msg.value, because the developer set the currency unit incorrectly. Therefore, it allows attackers to always win and get rewards. |
|
8487 |
CVE-2018-17070 |
352 |
|
CSRF |
2018-09-15 |
2018-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the website settings via ?q=admin%2Fconfig%2Fsystem%2Fsite-information&render=overlay&render=overlay. |
|
8488 |
CVE-2018-17069 |
352 |
|
CSRF |
2018-09-15 |
2018-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new content via ?q=node%2Fadd%2Farticle&render=overlay&render=overlay. |
|
8489 |
CVE-2018-17062 |
79 |
|
XSS |
2018-09-16 |
2018-11-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in SeaCMS 6.64. XSS exists in admin_video.php via the action, area, type, yuyan, jqtype, v_isunion, v_recycled, v_ismoney, or v_ispsd parameter. |
|
8490 |
CVE-2018-17061 |
79 |
|
XSS |
2018-09-15 |
2018-11-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results. |
|
8491 |
CVE-2018-17060 |
22 |
|
Dir. Trav. |
2018-10-08 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote attacker to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013. |
|
8492 |
CVE-2018-17056 |
79 |
|
XSS |
2018-09-27 |
2018-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
8493 |
CVE-2018-17055 |
434 |
|
|
2018-09-27 |
2018-12-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads. |
|
8494 |
CVE-2018-17054 |
79 |
|
XSS |
2018-10-03 |
2018-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053. |
|
8495 |
CVE-2018-17053 |
79 |
|
XSS |
2018-10-03 |
2018-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054. |
|
8496 |
CVE-2018-17051 |
79 |
|
XSS |
2018-09-14 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php. |
|
8497 |
CVE-2018-17050 |
190 |
|
Overflow |
2018-09-21 |
2018-11-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The mintToken function of a smart contract implementation for PolyAi (AI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. |
|
8498 |
CVE-2018-17049 |
79 |
|
XSS |
2018-09-14 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action. |
|
8499 |
CVE-2018-17048 |
89 |
|
Sql |
2019-05-16 |
2019-05-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows SQL Injection. |
|
8500 |
CVE-2018-17046 |
79 |
|
XSS |
2018-09-14 |
2018-11-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
translate man before 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js. |
