| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
451 |
CVE-2018-16410 |
89 |
|
Sql |
2018-09-03 |
2018-10-25 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Vanilla before 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation, related to applications/dashboard/models/class.invitationmodel.php and applications/dashboard/controllers/class.profilecontroller.php. |
|
452 |
CVE-2018-16409 |
918 |
|
|
2018-09-03 |
2018-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF. |
|
453 |
CVE-2018-16408 |
78 |
|
Exec Code |
2018-09-03 |
2020-08-24 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access. |
|
454 |
CVE-2018-16407 |
79 |
|
XSS |
2018-09-03 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Mayan EDMS before 3.0.3. The Tags app has XSS because tag label values are mishandled. |
|
455 |
CVE-2018-16406 |
79 |
|
XSS |
2018-09-03 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label. |
|
456 |
CVE-2018-16405 |
79 |
|
XSS |
2018-09-03 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS. |
|
457 |
CVE-2018-16403 |
125 |
|
|
2018-09-03 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash. |
|
458 |
CVE-2018-16402 |
415 |
|
DoS |
2018-09-03 |
2021-11-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. |
|
459 |
CVE-2018-16398 |
|
|
Bypass |
2018-09-03 |
2019-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as demonstrated by containers/aa/pause?aaa=\/start to bypass a policy in which "docker start" is allowed but "docker pause" is not allowed. |
|
460 |
CVE-2018-16397 |
434 |
|
|
2018-09-03 |
2018-10-31 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file, |
|
461 |
CVE-2018-16393 |
119 |
|
DoS Overflow |
2018-09-03 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
462 |
CVE-2018-16392 |
119 |
|
DoS Overflow |
2018-09-03 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
463 |
CVE-2018-16391 |
119 |
|
DoS Overflow |
2018-09-03 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
464 |
CVE-2018-16389 |
89 |
|
Sql |
2018-09-12 |
2018-11-02 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter. |
|
465 |
CVE-2018-16388 |
434 |
|
Exec Code |
2018-09-12 |
2018-11-02 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type. |
|
466 |
CVE-2018-16387 |
352 |
|
CSRF |
2018-09-03 |
2018-10-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add. |
|
467 |
CVE-2018-16385 |
89 |
|
Sql |
2018-09-03 |
2018-10-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string. |
|
468 |
CVE-2018-16384 |
89 |
|
Sql Bypass |
2018-09-03 |
2021-05-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL statement to be executed. |
|
469 |
CVE-2018-16382 |
125 |
|
|
2018-09-03 |
2020-07-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c. |
|
470 |
CVE-2018-16381 |
79 |
|
XSS |
2018-09-05 |
2018-10-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter. |
|
471 |
CVE-2018-16380 |
352 |
|
CSRF |
2018-09-03 |
2019-09-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerability in users.php?action=createnew that can add an admin account. |
|
472 |
CVE-2018-16379 |
79 |
|
XSS |
2018-09-03 |
2019-09-23 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the "Theme/Theme Options" screen. |
|
473 |
CVE-2018-16376 |
787 |
|
DoS Overflow |
2018-09-03 |
2018-10-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. |
|
474 |
CVE-2018-16375 |
787 |
|
Overflow |
2018-09-03 |
2021-01-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow. |
|
475 |
CVE-2018-16374 |
79 |
|
XSS |
2018-09-03 |
2018-10-24 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings. |
|
476 |
CVE-2018-16373 |
434 |
|
|
2018-09-03 |
2018-10-25 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. |
|
477 |
CVE-2018-16372 |
79 |
|
XSS |
2018-09-03 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued. |
|
478 |
CVE-2018-16371 |
79 |
|
XSS |
2018-09-03 |
2018-10-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=User_group&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=. |
|
479 |
CVE-2018-16370 |
434 |
|
Exec Code |
2018-09-03 |
2018-11-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. |
|
480 |
CVE-2018-16369 |
|
|
DoS |
2018-09-03 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453. |
|
481 |
CVE-2018-16368 |
125 |
|
DoS |
2018-09-03 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. |
|
482 |
CVE-2018-16367 |
22 |
|
Dir. Trav. |
2018-09-02 |
2020-08-24 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include. |
|
483 |
CVE-2018-16366 |
352 |
|
CSRF |
2018-09-02 |
2019-04-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF. |
|
484 |
CVE-2018-16365 |
352 |
|
CSRF |
2018-09-02 |
2019-04-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF. |
|
485 |
CVE-2018-16364 |
502 |
|
Exec Code |
2018-09-26 |
2020-09-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share. |
|
486 |
CVE-2018-16363 |
79 |
|
XSS |
2018-09-07 |
2018-11-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php. |
|
487 |
CVE-2018-16362 |
79 |
|
Exec Code XSS |
2018-09-02 |
2020-02-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. A cross-site scripting (XSS) vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code (if CSP settings permit it) via repo_manage_page.php or list.php. |
|
488 |
CVE-2018-16361 |
79 |
|
XSS |
2018-09-05 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter. |
|
489 |
CVE-2018-16359 |
|
|
|
2018-09-02 |
2019-10-03 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
Complete |
None |
|
Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS. |
|
490 |
CVE-2018-16358 |
79 |
|
XSS |
2018-09-02 |
2018-10-24 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml. |
|
491 |
CVE-2018-16354 |
89 |
|
Sql |
2018-09-02 |
2018-10-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the index.php/User/read limit parameter. |
|
492 |
CVE-2018-16353 |
89 |
|
Sql |
2018-09-02 |
2018-10-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the /index.php/Customer/read limit parameter. |
|
493 |
CVE-2018-16352 |
434 |
|
|
2018-09-02 |
2018-10-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used. |
|
494 |
CVE-2018-16350 |
79 |
|
XSS |
2018-09-02 |
2018-10-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic form[statcode] parameter. |
|
495 |
CVE-2018-16349 |
79 |
|
XSS |
2018-09-02 |
2018-10-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
WUZHI CMS 4.1.0 has XSS via the index.php?m=link&f=index&v=add form[remark] parameter. |
|
496 |
CVE-2018-16348 |
79 |
|
XSS |
2018-09-02 |
2018-10-25 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name. |
|
497 |
CVE-2018-16347 |
79 |
|
XSS |
2018-09-02 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Gleez CMS v1.2.0. There is XSS via media/imagecache/resize. |
|
498 |
CVE-2018-16346 |
79 |
|
XSS |
2018-09-02 |
2018-11-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
ChemCMS 1.0.6 has XSS via the "setting -> website information" field. |
|
499 |
CVE-2018-16345 |
352 |
|
CSRF |
2018-09-02 |
2018-11-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent. |
|
500 |
CVE-2018-16344 |
22 |
|
Dir. Trav. |
2018-09-02 |
2018-11-13 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock. |
