CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1451 CVE-2018-19271 89 Sql 2018-11-14 2019-07-30
6.5
None Remote Low Single system Partial Partial Partial
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) allows SQL Injection via the main.php searchH parameter.
1452 CVE-2018-19248 20 2018-12-24 2019-01-11
6.4
None Remote Low Not required None Partial Partial
The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer without authentication by making a request to the /DOWN/FIRMWAREUPDATE/ROM1 URI and a POST request to the /FIRMWAREUPDATE URI.
1453 CVE-2018-19242 119 Overflow 2018-12-20 2019-01-14
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).
1454 CVE-2018-19228 22 Dir. Trav. 2018-11-12 2018-12-11
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.
1455 CVE-2018-19225 352 CSRF 2018-11-12 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF.
1456 CVE-2018-19216 416 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
1457 CVE-2018-19215 125 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
1458 CVE-2018-19214 125 2018-11-12 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
1459 CVE-2018-19192 352 CSRF 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the data[content] parameter.
1460 CVE-2018-19182 352 CSRF 2018-12-26 2019-01-14
6.8
None Remote Medium Not required Partial Partial Partial
Engelsystem before commit hash 2e28336 allows CSRF.
1461 CVE-2018-19181 22 Dir. Trav. 2018-11-11 2018-12-12
6.4
None Remote Low Not required None Partial Partial
statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.
1462 CVE-2018-19150 119 DoS Overflow Mem. Corr. 2018-11-10 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.
1463 CVE-2018-19138 352 CSRF 2018-11-09 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.
1464 CVE-2018-19134 704 Exec Code 2018-12-20 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.
1465 CVE-2018-19125 284 2018-11-09 2018-12-12
6.4
None Remote Low Not required None Partial Partial
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.
1466 CVE-2018-19109 284 Bypass 2018-11-08 2019-01-23
6.5
None Remote Low Single system Partial Partial Partial
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.
1467 CVE-2018-19105 787 DoS 2018-11-08 2019-05-05
6.8
None Remote Medium Not required Partial Partial Partial
LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file.
1468 CVE-2018-19104 352 CSRF 2018-11-08 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.
1469 CVE-2018-19053 94 Exec Code 2018-11-07 2018-12-12
6.5
None Remote Low Single system Partial Partial Partial
PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code.
1470 CVE-2018-19005 20 Exec Code 2018-12-20 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code.
1471 CVE-2018-18993 119 Exec Code Overflow 2018-12-04 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.
1472 CVE-2018-18989 416 Exec Code 2018-12-04 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
1473 CVE-2018-18987 502 Exec Code 2018-11-30 2018-12-27
6.8
None Remote Medium Not required Partial Partial Partial
VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution.
1474 CVE-2018-18983 119 Exec Code Overflow 2018-11-30 2018-12-27
6.8
None Remote Medium Not required Partial Partial Partial
VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution.
1475 CVE-2018-18942 20 Exec Code 2018-11-05 2019-01-14
6.5
None Remote Low Single system Partial Partial Partial
In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.
1476 CVE-2018-18936 22 Dir. Trav. 2018-11-05 2018-12-11
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.
1477 CVE-2018-18935 352 CSRF 2018-11-05 2018-12-10
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account.
1478 CVE-2018-18891 287 2018-10-31 2018-12-03
6.4
None Remote Low Not required None Partial Partial
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
1479 CVE-2018-18881 254 DoS 2019-03-21 2019-04-03
6.8
None Remote Low Single system None None Complete
A Denial of Service (DOS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory reset is required to restore the device to an operational state.
1480 CVE-2018-18879 94 2019-06-18 2019-06-18
6.5
None Remote Low Single system Partial Partial Partial
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.
1481 CVE-2018-18877 287 2019-06-18 2019-06-18
6.5
None Remote Low Single system Partial Partial Partial
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can access an alternative configuration page config_main.php that allows manipulation of the device.
1482 CVE-2018-18873 476 2018-10-31 2019-08-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.
1483 CVE-2018-18862 264 2019-03-21 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
1484 CVE-2018-18842 352 Exec Code CSRF 2018-10-30 2019-01-09
6.8
None Remote Medium Not required Partial Partial Partial
CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP 1.5.2.1935 (Zero), which allows remote attackers to execute arbitrary PHP code.
1485 CVE-2018-18820 119 DoS Exec Code Overflow 2018-11-05 2019-01-23
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.
1486 CVE-2018-18802 352 CSRF 2019-06-18 2019-06-18
6.8
None Remote Medium Not required Partial Partial Partial
The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.
1487 CVE-2018-18799 352 CSRF 2018-11-16 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
1488 CVE-2018-18797 352 CSRF 2018-11-16 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
1489 CVE-2018-18794 352 CSRF 2018-11-16 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
1490 CVE-2018-18790 89 Sql 2018-10-29 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.)
1491 CVE-2018-18788 89 Sql 2018-10-29 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.)
1492 CVE-2018-18784 89 Sql 2018-10-29 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.)
1493 CVE-2018-18773 352 CSRF 2018-11-20 2018-11-29
6.8
None Remote Medium Not required Partial Partial Partial
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=rootpwd, as demonstrated by changing the root password.
1494 CVE-2018-18772 352 CSRF 2018-11-20 2018-11-29
6.8
None Remote Medium Not required Partial Partial Partial
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=send_ssh, as demonstrated by executing an arbitrary OS command.
1495 CVE-2018-18765 125 DoS 2018-10-29 2018-12-07
6.4
None Remote Low Not required Partial None Partial
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.
1496 CVE-2018-18764 125 DoS 2018-10-29 2018-12-07
6.4
None Remote Low Not required Partial None Partial
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.
1497 CVE-2018-18742 352 CSRF 2018-10-29 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
1498 CVE-2018-18735 352 CSRF 2018-10-29 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33.
1499 CVE-2018-18734 352 CSRF 2018-10-29 2018-11-13
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.
1500 CVE-2018-18712 352 CSRF 2018-10-29 2018-11-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.