VYPR

CVEs

31,171 total · page 512 of 624

  • CVE-2018-13350CriNov 27, 2018
    risk 0.65cvss 9.8epss 0.17

    SQL injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute SQL queries via the "Event" parameter.

  • CVE-2018-13338CriNov 27, 2018
    risk 0.65cvss 9.8epss 0.10

    System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation.

  • CVE-2018-13336CriNov 27, 2018
    risk 0.64cvss 9.8epss 0.09

    System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation.

  • CVE-2018-17936CriNov 27, 2018
    risk 0.68cvss 9.8epss 0.15

    NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution.

  • CVE-2018-17934CriNov 27, 2018
    risk 0.68cvss 9.8epss 0.20

    NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the intended directory. This could allow an attacker to impersonate a legitimate user, obtain restricted information, or execute arbitrary code.

  • CVE-2018-13316CriNov 27, 2018
    risk 0.64cvss 9.8epss 0.03

    System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter.

  • CVE-2018-13314CriNov 27, 2018
    risk 0.64cvss 9.8epss 0.03

    System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter.

  • CVE-2018-13307CriNov 27, 2018
    risk 0.64cvss 9.8epss 0.03

    System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ntpServerIp2" POST parameter. Certain payloads cause the device to become permanently inoperable.

  • CVE-2018-13306CriNov 27, 2018
    risk 0.64cvss 9.8epss 0.03

    System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter.

  • CVE-2018-19595CriNov 27, 2018
    risk 0.64cvss 9.8epss 0.04

    PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect…

  • CVE-2018-13324CriNov 26, 2018
    risk 0.66cvss 9.8epss 0.23

    Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header.

  • CVE-2018-13315CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.02

    Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers to change the admin user's password via an unauthenticated POST request.

  • CVE-2018-13311CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.03

    System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter.

  • CVE-2018-11066CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.10

    Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote…

  • CVE-2018-19559CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.01

    CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter.

  • CVE-2018-19558CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and comp/Db/Mysql.php.

  • CVE-2018-19557CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main, user/useradd, or img/images.

  • CVE-2018-19548CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.02

    index.php?r=site%2Flogin in EduSec through 4.2.6 does not restrict sending a series of LoginForm[username] and LoginForm[password] parameters, which might make it easier for remote attackers to obtain access via a brute-force approach.

  • CVE-2018-19531CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.05

    HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses java.beans.XMLEncoder unsafely when configured without an xml.codec= setting.

  • CVE-2018-19530CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.05

    HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses XStream unsafely when configured with an xml.codec=httl.spi.codecs.XstreamCodec setting.

  • CVE-2018-19528CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.03

    TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.

  • CVE-2018-19486CriNov 23, 2018
    risk 0.00cvss 9.8epss 0.04

    Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017.

  • CVE-2018-19468CriNov 23, 2018
    risk 0.64cvss 9.8epss 0.01

    HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.

  • CVE-2018-19417CriNov 21, 2018
    risk 0.65cvss 10.0epss 0.06

    An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH…

  • CVE-2018-19410CriKEVNov 21, 2018
    risk 0.83cvss 9.8epss 0.86

    PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including administrator). A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm…

  • CVE-2018-19409CriNov 21, 2018
    risk 0.64cvss 9.8epss 0.08

    An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.

  • CVE-2009-5153CriNov 21, 2018
    risk 0.64cvss 9.8epss 0.06

    In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted.

  • CVE-2018-18864CriNov 20, 2018
    risk 0.63cvss 9.6epss 0.03

    Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed.

  • CVE-2018-18861CriNov 20, 2018
    risk 0.64cvss 9.8epss 0.04

    Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.

  • CVE-2018-18563CriNov 20, 2018
    risk 0.62cvss 9.6epss 0.01

    An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232…

  • CVE-2018-18439CriNov 20, 2018
    risk 0.64cvss 9.8epss 0.02

    DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.

  • CVE-2018-16223CriNov 20, 2018
    risk 0.64cvss 9.8epss 0.02

    Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password.

  • CVE-2018-19367CriNov 20, 2018
    risk 0.64cvss 9.8epss 0.01

    Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.

  • CVE-2018-9209CriNov 19, 2018
    risk 0.64cvss 9.8epss 0.02

    Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2

  • CVE-2018-9207CriNov 19, 2018
    risk 0.64cvss 9.8epss 0.03

    Arbitrary file upload in jQuery Upload File <= 4.0.2

  • CVE-2018-17190CriNov 19, 2018
    risk 0.64cvss 9.8epss 0.09

    In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the…

  • CVE-2018-15761CriNov 19, 2018
    risk 0.57cvss 9.9epss 0.02

    Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that…

  • CVE-2018-15759CriNov 19, 2018
    risk 0.52cvss 9.1epss 0.02

    Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and…

  • CVE-2018-19355CriNov 19, 2018
    risk 0.64cvss 9.8epss 0.04

    modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations…

  • CVE-2018-19333CriNov 17, 2018
    risk 0.00cvss 9.8epss 0.01

    pkg/sentry/kernel/shm/shm.go in Google gVisor before 2018-11-01 allows attackers to overwrite memory locations in processes running as root (but not escape the sandbox) via vectors involving IPC_RMID shmctl calls, because reference counting is mishandled.

  • CVE-2018-19328CriNov 17, 2018
    risk 0.64cvss 9.8epss 0.02

    LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal.

  • CVE-2018-18806CriNov 16, 2018
    risk 0.64cvss 9.8epss 0.02

    School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to include/user.vb.

  • CVE-2018-18805CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.05

    Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.

  • CVE-2018-18804CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.03

    Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.

  • CVE-2018-18803CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.03

    Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb.

  • CVE-2018-18801CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.03

    The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or index.php?q=single-item&id=[SQL].

  • CVE-2018-18796CriNov 16, 2018
    risk 0.64cvss 9.8epss 0.02

    Library Management System 1.0 has SQL Injection via the "Search for Books" screen.

  • CVE-2018-18795CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.03

    School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.

  • CVE-2018-18793CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.10

    School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.

  • CVE-2018-18763CriNov 16, 2018
    risk 0.67cvss 9.8epss 0.03

    SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection.