CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2018-11678 20 Bypass 2018-06-05 2018-07-20
5.0
None Remote Low Not required Partial None None
plugins/box/users/users.plugin.php in Monstra CMS 3.0.4 allows Login Rate Limiting Bypass via manipulation of the login_attempts cookie.
452 CVE-2018-11671 352 CSRF 2018-06-01 2018-06-29
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle.
453 CVE-2018-11670 352 Exec Code CSRF 2018-06-01 2018-06-29
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect.
454 CVE-2018-11657 835 2018-06-01 2019-10-03
5.0
None Remote Low Not required None None Partial
ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif.
455 CVE-2018-11656 772 DoS 2018-06-01 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file.
456 CVE-2018-11655 772 DoS 2018-06-01 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file.
457 CVE-2018-11652 1236 2018-06-01 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.
458 CVE-2018-11651 79 XSS 2018-06-01 2018-06-27
4.3
None Remote Medium Not required None Partial None
Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx.
459 CVE-2018-11650 79 XSS 2018-06-01 2018-06-27
4.3
None Remote Medium Not required None Partial None
Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js.
460 CVE-2018-11649 79 XSS 2018-06-01 2018-06-27
4.3
None Remote Medium Not required None Partial None
Hue 3.12 has XSS via the /pig/save/ name and script parameters.
461 CVE-2018-11647 79 XSS 2018-06-17 2018-08-09
4.3
None Remote Medium Not required None Partial None
index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.
462 CVE-2018-11646 2018-06-01 2019-10-03
5.0
None Remote Low Not required None None Partial
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
463 CVE-2018-11645 200 +Info 2018-06-01 2018-11-11
5.0
None Remote Low Not required Partial None None
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
464 CVE-2018-11629 798 Exec Code 2018-06-02 2019-06-27
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine.
465 CVE-2018-11628 79 XSS 2018-06-01 2018-07-03
4.3
None Remote Medium Not required None Partial None
Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.
466 CVE-2018-11589 89 Sql 2018-06-25 2018-08-28
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.
467 CVE-2018-11588 79 XSS 2018-06-25 2018-08-28
3.5
None Remote Medium ??? None Partial None
Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php.
468 CVE-2018-11587 94 Exec Code 2018-06-25 2018-08-30
7.5
None Remote Low Not required Partial Partial Partial
There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.
469 CVE-2018-11586 611 2018-06-05 2018-07-31
7.5
None Remote Low Not required Partial Partial Partial
XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.
470 CVE-2018-11581 79 XSS 2018-06-01 2018-11-16
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.
471 CVE-2018-11574 20 Overflow Bypass 2018-06-14 2020-02-24
7.5
None Remote Low Not required Partial Partial Partial
Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.
472 CVE-2018-11564 79 XSS 2018-06-02 2018-07-05
3.5
None Remote Medium ??? None Partial None
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack.
473 CVE-2018-11560 787 Overflow 2018-06-23 2021-06-22
7.5
None Remote Low Not required Partial Partial Partial
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.
474 CVE-2018-11554 200 +Info 2018-06-05 2018-07-31
7.5
None Remote Low Not required Partial Partial Partial
The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through v3.7 has a Response Discrepancy Information Exposure issue and an unexpectedly long lifetime for a verification code, which makes it easier for remote attackers to hijack accounts via a brute-force approach.
475 CVE-2018-11553 79 XSS 2018-06-06 2018-07-31
4.3
None Remote Medium Not required None Partial None
SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter to /login.php.
476 CVE-2018-11552 79 Exec Code XSS 2018-06-01 2018-07-03
4.3
None Remote Medium Not required None Partial None
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application.
477 CVE-2018-11551 426 Exec Code 2018-06-01 2018-07-03
9.3
None Remote Medium Not required Complete Complete Complete
AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly.
478 CVE-2018-11538 352 Bypass CSRF 2018-06-01 2018-07-03
6.8
None Remote Medium Not required Partial Partial Partial
servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the u_name, u_passwd1, u_passwd2, role, and X-XSRF-TOKEN POST parameters because of CSRF Token Bypass.
479 CVE-2018-11537 20 Bypass 2018-06-19 2018-08-23
4.3
None Remote Medium Not required None Partial None
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.
480 CVE-2018-11526 1236 2018-06-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
481 CVE-2018-11525 1236 2018-06-19 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.
482 CVE-2018-11522 79 XSS 2018-06-02 2018-07-03
4.3
None Remote Medium Not required None Partial None
Yosoro 1.0.4 has stored XSS.
483 CVE-2018-11510 78 Exec Code 2018-06-28 2019-10-03
5.0
None Remote Low Not required Partial None None
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
484 CVE-2018-11486 79 XSS 2018-06-01 2018-07-02
4.3
None Remote Medium Not required None Partial None
An issue was discovered in the MULTIDOTS Advance Search for WooCommerce plugin 1.0.9 and earlier for WordPress. This plugin is vulnerable to a stored Cross-site scripting (XSS) vulnerability. A non-authenticated user can save the plugin settings and inject malicious JavaScript code in the Custom CSS textarea field, which will be loaded on every site page.
485 CVE-2018-11485 79 XSS 2018-06-01 2018-07-02
4.3
None Remote Medium Not required None Partial None
The MULTIDOTS WooCommerce Quick Reports plugin 1.0.6 and earlier for WordPress is vulnerable to Stored XSS. It allows an attacker to inject malicious JavaScript code on the WooCommerce -> Orders admin page. The attack is possible by modifying the "referral_site" cookie to have an XSS payload, and placing an order.
486 CVE-2018-11449 2018-06-26 2019-10-09
2.1
None Local Low Not required Partial None None
A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtain administrative passwords. At the time of advisory publication no public exploitation of this security vulnerability was known.
487 CVE-2018-11448 79 Exec Code XSS 2018-06-26 2019-10-09
3.5
None Remote Medium ??? None Partial None
A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a stored Cross-Site Scripting (XSS) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires that the attacker has access to the web interface of an affected device. The attacker must be authenticated as administrative user on the web interface. Afterwards, a legitimate user must access the web interface. A successful attack could allow an attacker to execute malicious code in the browser of a legitimate user. At the time of advisory publication no public exploitation of this security vulnerability was known.
488 CVE-2018-11447 352 CSRF 2018-06-26 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by an legitimate user, who must be authenticated to the web interface as administrative user. A successful attack could allow an attacker to interact with the web interface as an administrative user. This could allow the attacker to read or modify the device configuration, or to exploit other vulnerabilities that require authentication as administrative user. At the time of advisory publication no public exploitation of this security vulnerability was known.
489 CVE-2018-11446 190 Overflow 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tradeTrap" issue.
490 CVE-2018-11409 200 +Info 2018-06-08 2018-07-31
5.0
None Remote Low Not required Partial None None
Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
491 CVE-2018-11408 601 2018-06-13 2019-03-13
5.8
None Remote Medium Not required Partial Partial None
The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a container. NOTE: this issue exists because of an incomplete fix for CVE-2017-16652.
492 CVE-2018-11407 287 Bypass 2018-06-13 2018-08-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403.
493 CVE-2018-11406 352 CSRF 2018-06-13 2019-03-29
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation.
494 CVE-2018-11386 613 DoS 2018-06-13 2019-03-29
4.3
None Remote Medium Not required None None Partial
An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources.
495 CVE-2018-11385 384 2018-06-13 2019-03-12
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker.
496 CVE-2018-11229 78 Exec Code 2018-06-08 2019-05-13
7.5
None Remote Low Not required Partial Partial Partial
Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).
497 CVE-2018-11228 94 Exec Code 2018-06-08 2019-05-02
10.0
None Remote Low Not required Complete Complete Complete
Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).
498 CVE-2018-11223 79 Exec Code XSS 2018-06-16 2018-08-02
3.5
None Remote Medium ??? None Partial None
XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
499 CVE-2018-11222 20 File Inclusion 2018-06-16 2018-08-14
5.0
None Remote Low Not required Partial None None
Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint.
500 CVE-2018-11221 434 2018-06-16 2018-08-14
7.5
None Remote Low Not required Partial Partial Partial
Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system.
Total number of vulnerabilities : 1788   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.