CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2018-10102 79 XSS 2018-04-16 2018-05-18
4.3
None Remote Medium Not required None Partial None
Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.
202 CVE-2018-10101 601 2018-04-16 2019-03-07
5.8
None Remote Medium Not required Partial Partial None
Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.
203 CVE-2018-10100 601 2018-04-16 2018-05-18
5.8
None Remote Medium Not required Partial Partial None
Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.
204 CVE-2018-10097 79 XSS 2018-04-16 2018-05-18
4.3
None Remote Medium Not required None Partial None
XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter.
205 CVE-2018-10096 79 XSS 2018-04-13 2018-05-11
3.5
None Remote Medium ??? None Partial None
joyplus-cms 1.6.0 has XSS via the device_name parameter in a manager/admin_ajax.php?action=save flag=add request.
206 CVE-2018-10087 20 DoS 2018-04-13 2019-03-20
2.1
None Local Low Not required None None Partial
The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.
207 CVE-2018-10086 94 Exec Code Bypass 2018-04-13 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunction" functions.
208 CVE-2018-10085 502 Exec Code 2018-04-13 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php. By sending a crafted cookie, a remote attacker can upload and execute code, or delete files.
209 CVE-2018-10084 327 Bypass 2018-04-13 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechanism can be bypassed.
210 CVE-2018-10083 22 Dir. Trav. 2018-04-13 2018-04-13
6.4
None Remote Low Not required None Partial Partial
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter.
211 CVE-2018-10082 200 +Info 2018-04-13 2018-04-13
5.0
None Remote Low Not required Partial None None
CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or /lib/tasks/class.CmsSecurityCheck.task.php.
212 CVE-2018-10081 640 2018-04-13 2018-04-17
5.0
None Remote Low Not required Partial None None
CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.
213 CVE-2018-10080 345 2018-04-13 2018-05-22
5.0
None Remote Low Not required None Partial None
Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.
214 CVE-2018-10079 269 2018-04-20 2021-03-27
2.1
None Local Low Not required None Partial None
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml.
215 CVE-2018-10078 79 XSS 2018-04-20 2021-03-27
3.5
None Remote Medium ??? None Partial None
Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description.
216 CVE-2018-10077 611 2018-04-20 2021-03-27
4.0
None Remote Low ??? Partial None None
XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data.
217 CVE-2018-10074 476 DoS 2018-04-12 2018-05-22
4.9
None Local Low Not required None None Complete
The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval.
218 CVE-2018-10073 79 XSS 2018-04-12 2018-05-14
3.5
None Remote Medium ??? None Partial None
joyplus-cms 1.6.0 has XSS in manager/admin_vod.php via the keyword parameter.
219 CVE-2018-10072 20 DoS 2018-04-12 2018-10-17
4.9
None Local Low Not required None None Complete
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call.
220 CVE-2018-10071 20 DoS 2018-04-12 2018-10-17
4.9
None Local Low Not required None None Complete
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call.
221 CVE-2018-10070 400 2018-04-16 2018-05-22
7.8
None Remote Low Not required None None Complete
A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message.
222 CVE-2018-10068 79 XSS 2018-04-12 2018-05-15
4.3
None Remote Medium Not required None Partial None
The jDownloads extension before 3.2.59 for Joomla! has XSS.
223 CVE-2018-10066 295 2018-04-13 2018-05-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network (for example, at site-to-site tunnels).
224 CVE-2018-10063 Exec Code 2018-04-12 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.
225 CVE-2018-10061 79 XSS 2018-04-12 2022-05-24
3.5
None Remote Medium ??? None Partial None
Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).
226 CVE-2018-10060 79 XSS 2018-04-12 2022-05-24
3.5
None Remote Medium ??? None Partial None
Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php.
227 CVE-2018-10059 79 XSS 2018-04-12 2019-03-07
3.5
None Remote Medium ??? None Partial None
Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER['PHP_SELF'] instead of $_SERVER['SCRIPT_NAME'] to determine a page name.
228 CVE-2018-10054 20 Exec Code 2018-04-11 2019-12-14
6.5
None Remote Low ??? Partial Partial Partial
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code.
229 CVE-2018-10052 79 XSS 2018-04-11 2018-05-09
3.5
None Remote Medium ??? None Partial None
iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter.
230 CVE-2018-10051 79 XSS 2018-04-11 2018-05-09
3.5
None Remote Medium ??? None Partial None
iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter.
231 CVE-2018-10050 89 Sql 2018-04-11 2018-05-09
6.5
None Remote Low ??? Partial Partial Partial
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.
232 CVE-2018-10049 79 XSS 2018-04-11 2018-05-09
3.5
None Remote Medium ??? None Partial None
iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel.
233 CVE-2018-10048 352 CSRF 2018-04-11 2018-05-09
6.8
None Remote Medium Not required Partial Partial Partial
iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel.
234 CVE-2018-10033 79 XSS 2018-04-11 2018-04-13
3.5
None Remote Medium ??? None Partial None
CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata parameter.
235 CVE-2018-10032 79 XSS 2018-04-11 2018-04-13
3.5
None Remote Medium ??? None Partial None
CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version parameter.
236 CVE-2018-10031 352 CSRF 2018-04-11 2018-04-13
6.8
None Remote Medium Not required Partial Partial Partial
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php.
237 CVE-2018-10030 352 CSRF 2018-04-11 2018-04-13
6.8
None Remote Medium Not required Partial Partial Partial
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.
238 CVE-2018-10029 79 XSS 2018-04-11 2018-04-13
3.5
None Remote Medium ??? None Partial None
CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799.
239 CVE-2018-10028 200 +Info 2018-04-11 2018-05-11
5.0
None Remote Low Not required Partial None None
joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI.
240 CVE-2018-10026 79 XSS 2018-04-11 2018-05-16
3.5
None Remote Medium ??? None Partial None
The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php.
241 CVE-2018-10024 522 2018-04-11 2019-10-03
5.0
None Remote Low Not required Partial None None
ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credentials can be used to access the system via SSH (or TELNET if it is enabled).
242 CVE-2018-10023 79 XSS 2018-04-11 2021-10-01
3.5
None Remote Medium ??? None Partial None
Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated comment).
243 CVE-2018-10021 DoS 2018-04-11 2019-10-03
4.9
None Local Low Not required None None Complete
** DISPUTED ** drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers who unplug SAS Host Bus Adapter cables.
244 CVE-2018-10017 125 DoS 2018-04-11 2020-10-15
4.3
None Remote Medium Not required None None Partial
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
245 CVE-2018-10016 369 2018-04-11 2020-07-13
4.3
None Remote Medium Not required None None Partial
Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.
246 CVE-2018-10001 125 DoS 2018-04-11 2020-03-30
4.3
None Remote Medium Not required None None Partial
The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.
247 CVE-2018-10000 79 XSS 2018-04-11 2018-05-16
4.3
None Remote Medium Not required None Partial None
The Video Downloader professional extension before 2018-04-05 for Chrome has Universal XSS (UXSS) via vectors related to a link64_msgAddLinks event.
248 CVE-2018-9999 79 XSS 2018-04-18 2018-05-17
3.5
None Remote Medium ??? None Partial None
In Zulip Server versions before 1.7.2, there was an XSS issue with user uploads and the (default) LOCAL_UPLOADS_DIR storage backend.
249 CVE-2018-9996 674 2018-04-10 2019-10-03
4.3
None Remote Medium Not required None None Partial
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.
250 CVE-2018-9995 Bypass 2018-04-10 2019-10-03
5.0
None Remote Low Not required Partial None None
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
Total number of vulnerabilities : 1672   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.