CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2018-12310 79 XSS 2018-12-04 2018-12-20
3.5
None Remote Medium Single system None Partial None
Cross-site scripting in the Login page in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript via the System Announcement feature.
352 CVE-2018-12103 284 2018-07-05 2018-09-04
3.3
None Local Network Low Not required None Partial None
An issue was discovered on D-Link DIR-890L A2 devices. Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point.
353 CVE-2018-12100 79 XSS 2018-06-11 2018-08-01
3.5
None Remote Medium Single system None Partial None
Sonatype Nexus Repository Manager before 3.12.0 has XSS in multiple areas in the Administration UI.
354 CVE-2018-12095 79 XSS 2018-06-11 2018-08-01
3.5
None Remote Medium Single system None Partial None
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
355 CVE-2018-12094 79 XSS 2018-06-11 2018-08-01
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
356 CVE-2018-12089 200 +Info 2018-06-11 2018-08-02
3.5
None Remote Medium Single system Partial None None
In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set to True. This is fixed in 2018.6.0.
357 CVE-2018-12030 79 XSS 2018-06-15 2018-08-01
3.5
None Remote Medium Single system None Partial None
Chevereto Free before 1.0.13 has XSS.
358 CVE-2018-11715 79 XSS 2018-06-04 2018-07-18
3.5
None Remote Medium Single system None Partial None
The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject.
359 CVE-2018-11631 284 2018-05-31 2018-07-02
3.3
None Local Network Low Not required None Partial None
Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic.
360 CVE-2018-11588 79 XSS 2018-06-25 2018-08-28
3.5
None Remote Medium Single system None Partial None
Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php.
361 CVE-2018-11581 79 XSS 2018-06-01 2018-11-16
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
362 CVE-2018-11580 79 XSS 2018-05-30 2018-07-05
3.5
None Remote Medium Single system None Partial None
An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site and create hundreds of thousands of posts with custom content.
363 CVE-2018-11572 79 XSS 2018-05-30 2018-06-27
3.5
None Remote Medium Single system None Partial None
ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI.
364 CVE-2018-11564 79 XSS 2018-06-01 2018-07-05
3.5
None Remote Medium Single system None Partial None
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack.
365 CVE-2018-11559 79 XSS 2018-05-30 2018-11-29
3.5
None Remote Medium Single system None Partial None
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter.
366 CVE-2018-11558 79 XSS 2018-05-30 2018-11-29
3.5
None Remote Medium Single system None Partial None
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter.
367 CVE-2018-11549 79 XSS 2018-05-29 2018-06-29
3.5
None Remote Medium Single system None Partial None
An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a form[qq_10]= substring.
368 CVE-2018-11512 79 XSS 2018-05-28 2018-06-29
3.5
None Remote Medium Single system None Partial None
Stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to admin/settings/general.
369 CVE-2018-11477 200 +Info 2018-05-30 2018-07-05
3.3
None Local Network Low Not required Partial None None
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the public.
370 CVE-2018-11471 79 XSS 2018-05-25 2018-06-25
3.5
None Remote Medium Single system None Partial None
Cockpit 0.5.5 has XSS via a collection, form, or region.
371 CVE-2018-11448 79 Exec Code XSS 2018-06-26 2018-08-24
3.5
None Remote Medium Single system None Partial None
A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a stored Cross-Site Scripting (XSS) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires that the attacker has access to the web interface of an affected device. The attacker must be authenticated as administrative user on the web interface. Afterwards, a legitimate user must access the web interface. A successful attack could allow an attacker to execute malicious code in the browser of a legitimate user. At the time of advisory publication no public exploitation of this security vulnerability was known.
372 CVE-2018-11430 79 XSS 2018-05-28 2018-06-28
3.5
None Remote Medium Single system None Partial None
An issue was discovered in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea.
373 CVE-2018-11403 79 XSS 2018-05-24 2018-06-25
3.5
None Remote Medium Single system None Partial None
DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.
374 CVE-2018-11348 79 XSS 2018-12-04 2018-12-27
3.5
None Remote Medium Single system None Partial None
Two XSS vulnerabilities are located in the profile edition page of the user panel of the YunoHost 2.7.2 through 2.7.14 web application. By injecting a JavaScript payload, these flaws could be used to manipulate a user's session.
375 CVE-2018-11343 79 XSS 2018-05-21 2018-08-16
3.5
None Remote Medium Single system None Partial None
A persistent cross site scripting vulnerability in playlistmanger.cgi in the ASUSTOR SoundsGood application allows attackers to store cross site scripting payloads via the 'playlist' POST parameter.
376 CVE-2018-11332 79 XSS 2018-05-24 2018-06-25
3.5
None Remote Medium Single system None Partial None
Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file.
377 CVE-2018-11330 79 XSS 2018-05-21 2018-06-22
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted.
378 CVE-2018-11326 79 XSS 2018-05-22 2018-06-22
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Joomla! Core before 3.8.8. Inadequate input filtering leads to a multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a XSS attack.
379 CVE-2018-11315 20 2018-05-20 2018-07-03
3.3
None Local Network Low Not required None Partial None
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to CVE-2013-4860.
380 CVE-2018-11293 125 2018-09-18 2018-11-09
3.3
None Local Network Low Not required Partial None None
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. If they are not checked, it may cause buffer over-read once the value is too large.
381 CVE-2018-11259 284 2018-07-06 2018-09-11
3.6
None Local Low Not required Partial Partial None
Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition.
382 CVE-2018-11223 79 Exec Code XSS 2018-06-15 2018-08-02
3.5
None Remote Medium Single system None Partial None
XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
383 CVE-2018-11208 79 XSS 2018-05-16 2018-06-18
3.5
None Remote Medium Single system None Partial None
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the product was not intended to block this type of XSS by a user with the admin privilege.
384 CVE-2018-11124 79 XSS 2018-07-06 2018-09-02
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute.
385 CVE-2018-11076 200 +Info 2018-11-26 2019-01-02
3.3
None Local Network Low Not required Partial None None
Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0 and 7.4.1 and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0 are affected by an information exposure vulnerability. Avamar Java management console's SSL/TLS private key may be leaked in the Avamar Java management client package. The private key could potentially be used by an unauthenticated attacker on the same data-link layer to initiate a MITM attack on management console users.
386 CVE-2018-11073 79 Exec Code XSS 2018-09-28 2018-12-03
3.5
None Remote Medium Single system None Partial None
RSA Authentication Manager versions prior to 8.3 P3 contain a stored cross-site scripting vulnerability in the Operations Console. A malicious Operations Console administrator could exploit this vulnerability to store arbitrary HTML or JavaScript code through the web interface. When other Operations Console administrators open the affected page, the injected scripts could potentially be executed in their browser.
387 CVE-2018-11059 79 Exec Code XSS 2018-07-24 2018-09-20
3.5
None Remote Medium Single system None Partial None
RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
388 CVE-2018-11050 255 2018-08-01 2018-10-11
3.3
None Local Network Low Not required Partial None None
Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are sent unencrypted to the remote AMQP service. An unauthenticated attacker in the same network collision domain, could potentially sniff the password from the network and use it to access the component using the privileges of the compromised user.
389 CVE-2018-10989 255 Bypass 2018-05-14 2018-06-19
3.5
None Remote Medium Single system Partial None None
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password."
390 CVE-2018-10937 79 XSS 2018-09-11 2018-11-16
3.5
None Remote Medium Single system None Partial None
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim.
391 CVE-2018-10932 119 Overflow 2018-08-21 2018-10-23
3.3
None Local Network Low Not required None Partial None
lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal.
392 CVE-2018-10896 284 2018-08-01 2018-11-01
3.6
None Local Low Not required Partial Partial None
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.
393 CVE-2018-10821 79 XSS 2018-06-14 2018-08-09
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel.
394 CVE-2018-10806 79 XSS CSRF 2018-05-08 2018-06-13
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF.
395 CVE-2018-10763 79 XSS 2018-09-14 2018-11-09
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
396 CVE-2018-10752 79 XSS 2018-05-04 2018-08-22
3.5
None Remote Medium Single system None Partial None
The Tagregator plugin 0.6 for WordPress has stored XSS via the title field in an Add New action.
397 CVE-2018-10726 79 XSS 2018-05-04 2018-06-05
3.5
None Remote Medium Single system None Partial None
** DISPUTED ** A stored XSS vulnerability was found in Datenstrom Yellow 0.7.3 via an "Edit page" action. NOTE: the vendor disputes the relevance of this report because an installation accessible to untrusted users is supposed to have parserSafeMode=1 in system/config/config.ini to prevent XSS.
398 CVE-2018-10680 79 XSS 2018-05-02 2018-06-13
3.5
None Remote Medium Single system None Partial None
** DISPUTED ** Z-BlogPHP 1.5.2 has a stored Cross Site Scripting Vulnerability exploitable by an administrator who navigates to "Web site settings --> Basic setting --> Website title" and enters an XSS payload via the zb_system/cmd.php ZC_BLOG_NAME parameter. NOTE: the vendor disputes the security relevance, noting it is "just a functional bug."
399 CVE-2018-10626 345 +Info 2018-08-10 2018-10-10
3.8
None Local Network Medium Single system Partial Partial None
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product's update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network.
400 CVE-2018-10624 388 +Info 2018-08-01 2018-10-15
3.3
None Local Network Low Not required Partial None None
In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information.
Total number of vulnerabilities : 3882   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.