| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15681 | Cri | 0.64 | 9.8 | 0.01 | Sep 5, 2018 | An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully… | ||
| CVE-2018-15680 | Cri | 0.64 | 9.8 | 0.01 | Sep 5, 2018 | An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. | ||
| CVE-2015-9266 | Cri | 0.73 | 9.8 | 0.74 | Sep 5, 2018 | The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root… | ||
| CVE-2016-1000030 | Cri | 0.57 | 9.8 | 0.02 | Sep 5, 2018 | Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509… | ||
| CVE-2018-16521 | Cri | 0.00 | 9.8 | 0.02 | Sep 5, 2018 | An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. | ||
| CVE-2018-16518 | Cri | 0.64 | 9.8 | 0.03 | Sep 5, 2018 | A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading… | ||
| CVE-2018-13259 | Cri | 0.64 | 9.8 | 0.03 | Sep 5, 2018 | An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one. | ||
| CVE-2018-0502 | Cri | 0.64 | 9.8 | 0.02 | Sep 5, 2018 | An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. | ||
| CVE-2018-0664 | Cri | 0.64 | 9.8 | 0.02 | Sep 4, 2018 | A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors. | ||
| CVE-2018-16445 | Cri | 0.64 | 9.8 | 0.01 | Sep 4, 2018 | An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request. | ||
| CVE-2018-16444 | Cri | 0.59 | 9.1 | 0.01 | Sep 4, 2018 | An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter. | ||
| CVE-2018-16432 | Cri | 0.64 | 9.8 | 0.01 | Sep 4, 2018 | BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login. | ||
| CVE-2018-16428 | Cri | 0.64 | 9.8 | 0.05 | Sep 4, 2018 | In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. | ||
| CVE-2018-16402 | Cri | 0.64 | 9.8 | 0.04 | Sep 3, 2018 | libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | ||
| CVE-2018-16385 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 3, 2018 | ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string. | |
| CVE-2018-16370 | Cri | 0.64 | 9.8 | 0.02 | Sep 3, 2018 | In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. | ||
| CVE-2018-16367 | Cri | 0.65 | 9.9 | 0.02 | Sep 2, 2018 | In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include. | ||
| CVE-2018-16354 | Cri | 0.64 | 9.8 | 0.01 | Sep 2, 2018 | An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the index.php/User/read limit parameter. | ||
| CVE-2018-16353 | Cri | 0.64 | 9.8 | 0.01 | Sep 2, 2018 | An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the /index.php/Customer/read limit parameter. | ||
| CVE-2018-16352 | Cri | 0.64 | 9.8 | 0.01 | Sep 2, 2018 | There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used. | ||
| CVE-2018-16329 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2018 | In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. | ||
| CVE-2018-16328 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2018 | In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. | ||
| CVE-2018-16278 | Cri | 0.64 | 9.8 | 0.02 | Aug 31, 2018 | phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter. | ||
| CVE-2018-16239 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2018 | An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses. | ||
| CVE-2018-15477 | Cri | 0.64 | 9.8 | 0.02 | Aug 30, 2018 | myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device. | ||
| CVE-2018-16159 | Cri | 0.68 | 9.8 | 0.50 | Aug 30, 2018 | The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. | ||
| CVE-2018-15691 | Cri | 0.68 | 9.8 | 0.17 | Aug 30, 2018 | Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code. | ||
| CVE-2018-13826 | Cri | 0.59 | 9.1 | 0.02 | Aug 30, 2018 | An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks. | ||
| CVE-2018-13824 | Cri | 0.64 | 9.8 | 0.02 | Aug 30, 2018 | Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. | ||
| CVE-2018-13821 | Cri | 0.64 | 9.8 | 0.03 | Aug 30, 2018 | A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing. | ||
| CVE-2018-16158 | Cri | 0.69 | 9.8 | 0.35 | Aug 30, 2018 | Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the… | ||
| CVE-2018-16115 | — | Cri | 0.59 | 9.1 | 0.01 | Aug 29, 2018 | Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical… | |
| CVE-2018-7791 | Cri | 0.64 | 9.8 | 0.02 | Aug 29, 2018 | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an… | ||
| CVE-2018-7790 | Cri | 0.64 | 9.8 | 0.02 | Aug 29, 2018 | An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability… | ||
| CVE-2018-14805 | Cri | 0.64 | 9.8 | 0.05 | Aug 29, 2018 | ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability. | ||
| CVE-2018-15727 | — | Cri | 0.01 | 9.8 | 0.64 | Aug 29, 2018 | Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. | |
| CVE-2018-12829 | Cri | 0.64 | 9.8 | 0.05 | Aug 29, 2018 | Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could lead to privilege escalation. | ||
| CVE-2018-12828 | Cri | 0.64 | 9.8 | 0.07 | Aug 29, 2018 | Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation. | ||
| CVE-2018-12825 | Cri | 0.64 | 9.8 | 0.07 | Aug 29, 2018 | Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. | ||
| CVE-2018-12811 | Cri | 0.64 | 9.8 | 0.06 | Aug 29, 2018 | Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution. | ||
| CVE-2018-12810 | Cri | 0.64 | 9.8 | 0.06 | Aug 29, 2018 | Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution. | ||
| CVE-2018-12808 | Cri | 0.64 | 9.8 | 0.08 | Aug 29, 2018 | Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-15882 | Cri | 0.57 | 9.8 | 0.03 | Aug 29, 2018 | An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. | ||
| CVE-2017-15398 | Cri | 0.64 | 9.8 | 0.04 | Aug 28, 2018 | A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | ||
| CVE-2018-15873 | Cri | 0.64 | 9.8 | 0.01 | Aug 28, 2018 | A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter. | ||
| CVE-2018-15839 | Cri | 0.70 | 9.8 | 0.45 | Aug 28, 2018 | D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header. | ||
| CVE-2018-3904 | Cri | 0.64 | 9.9 | 0.02 | Aug 27, 2018 | An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a… | ||
| CVE-2018-15904 | Cri | 0.64 | 9.8 | 0.01 | Aug 27, 2018 | A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 mishandles the configured rules for blocking SQL injection attacks, aka A10-2017-0008. | ||
| CVE-2018-15894 | Cri | 0.64 | 9.8 | 0.02 | Aug 27, 2018 | A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via the index.php?m=pay&f=index&v=listing keyValue parameter. | ||
| CVE-2018-15893 | Cri | 0.64 | 9.8 | 0.02 | Aug 27, 2018 | A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing keywords parameter. |
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack.
- risk 0.73cvss 9.8epss 0.74
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root…
- risk 0.57cvss 9.8epss 0.02
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509…
- risk 0.00cvss 9.8epss 0.02
An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.
- risk 0.64cvss 9.8epss 0.03
A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading…
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
- risk 0.64cvss 9.8epss 0.02
A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request.
- risk 0.59cvss 9.1epss 0.01
An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.
- risk 0.64cvss 9.8epss 0.01
BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login.
- risk 0.64cvss 9.8epss 0.05
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
- risk 0.64cvss 9.8epss 0.04
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
- risk 0.64cvss 9.8epss 0.02
ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string.
- risk 0.64cvss 9.8epss 0.02
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.
- risk 0.65cvss 9.9epss 0.02
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the index.php/User/read limit parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the /index.php/Customer/read limit parameter.
- risk 0.64cvss 9.8epss 0.01
There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used.
- risk 0.64cvss 9.8epss 0.02
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
- risk 0.64cvss 9.8epss 0.02
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
- risk 0.64cvss 9.8epss 0.02
phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses.
- risk 0.64cvss 9.8epss 0.02
myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device.
- risk 0.68cvss 9.8epss 0.50
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.
- risk 0.68cvss 9.8epss 0.17
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.
- risk 0.59cvss 9.1epss 0.02
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
- risk 0.64cvss 9.8epss 0.02
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
- risk 0.64cvss 9.8epss 0.03
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
- risk 0.69cvss 9.8epss 0.35
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the…
- risk 0.59cvss 9.1epss 0.01
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical…
- risk 0.64cvss 9.8epss 0.02
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an…
- risk 0.64cvss 9.8epss 0.02
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability…
- risk 0.64cvss 9.8epss 0.05
ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.
- risk 0.01cvss 9.8epss 0.64
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
- risk 0.64cvss 9.8epss 0.05
Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability. Successful exploitation could lead to privilege escalation.
- risk 0.64cvss 9.8epss 0.07
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.
- risk 0.64cvss 9.8epss 0.07
Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.
- risk 0.64cvss 9.8epss 0.06
Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.
- risk 0.64cvss 9.8epss 0.06
Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability. Successful exploitation could lead to remote code execution.
- risk 0.64cvss 9.8epss 0.08
Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.
- risk 0.64cvss 9.8epss 0.04
A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.
- risk 0.64cvss 9.8epss 0.01
A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.
- risk 0.70cvss 9.8epss 0.45
D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.
- risk 0.64cvss 9.9epss 0.02
An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a…
- risk 0.64cvss 9.8epss 0.01
A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 mishandles the configured rules for blocking SQL injection attacks, aka A10-2017-0008.
- risk 0.64cvss 9.8epss 0.02
A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via the index.php?m=pay&f=index&v=listing keyValue parameter.
- risk 0.64cvss 9.8epss 0.02
A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing keywords parameter.