CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2018-17067 787 Overflow 2018-09-15 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.
202 CVE-2018-17066 78 2018-09-15 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter.
203 CVE-2018-17065 787 Overflow 2018-09-15 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.
204 CVE-2018-17064 78 2018-09-15 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked.
205 CVE-2018-17063 78 2018-09-15 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters.
206 CVE-2018-17062 79 XSS 2018-09-16 2018-11-07
4.3
None Remote Medium Not required None Partial None
An issue was discovered in SeaCMS 6.64. XSS exists in admin_video.php via the action, area, type, yuyan, jqtype, v_isunion, v_recycled, v_ismoney, or v_ispsd parameter.
207 CVE-2018-17061 79 XSS 2018-09-15 2018-11-07
4.3
None Remote Medium Not required None Partial None
BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results.
208 CVE-2018-17057 502 2018-09-14 2019-04-26
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
209 CVE-2018-17056 79 XSS 2018-09-28 2018-11-15
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
210 CVE-2018-17055 434 2018-09-28 2018-12-12
5.0
None Remote Low Not required None Partial None
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads.
211 CVE-2018-17051 79 XSS 2018-09-14 2018-11-09
4.3
None Remote Medium Not required None Partial None
K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php.
212 CVE-2018-17050 190 Overflow 2018-09-21 2018-11-09
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for PolyAi (AI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
213 CVE-2018-17049 79 XSS 2018-09-14 2018-11-09
4.3
None Remote Medium Not required None Partial None
CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action.
214 CVE-2018-17046 79 XSS 2018-09-14 2018-11-02
4.3
None Remote Medium Not required None Partial None
translate man before 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js.
215 CVE-2018-17045 352 CSRF 2018-09-14 2018-11-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vulnerability that can change the administrator password via admin/modul/users/aksi_users.php?act=update.
216 CVE-2018-17044 79 XSS 2018-09-14 2018-11-09
3.5
None Remote Medium ??? None Partial None
In YzmCMS 5.1, stored XSS exists via the admin/system_manage/user_config_add.html title parameter.
217 CVE-2018-17043 787 Overflow 2018-09-14 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been found in doc2txt through 2014-03-19. It is a heap-based buffer overflow in the function Storage::init in Storage.cpp, called from parse_doc in parse_doc.cpp.
218 CVE-2018-17042 835 2018-09-14 2019-10-03
4.3
None Remote Medium Not required None None Partial
An issue has been found in dbf2txt through 2012-07-19. It is a infinite loop.
219 CVE-2018-17039 79 XSS 2018-09-14 2018-11-08
4.3
None Remote Medium Not required None Partial None
MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled.
220 CVE-2018-17037 732 2018-09-14 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3.
221 CVE-2018-17036 94 2018-09-14 2022-02-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in UCMS 1.4.6 and 1.6. It allows PHP code injection during installation via the systemdomain parameter to install/index.php, as demonstrated by injecting a phpinfo() call into /inc/config.php.
222 CVE-2018-17035 89 Sql 2018-09-14 2018-11-07
7.5
None Remote Low Not required Partial Partial Partial
UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter.
223 CVE-2018-17034 79 XSS 2018-09-14 2018-11-07
4.3
None Remote Medium Not required None Partial None
UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter.
224 CVE-2018-17031 79 XSS 2018-09-14 2018-11-07
4.3
None Remote Medium Not required None Partial None
In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an "X-Content-Type-Options: nosniff" header is not sent.
225 CVE-2018-17030 94 Exec Code 2018-09-14 2018-11-07
6.0
None Remote Medium ??? Partial Partial Partial
BigTree CMS 4.2.23 allows remote authenticated users, if possessing privileges to set hooks, to execute arbitrary code via /core/admin/auto-modules/forms/process.php.
226 CVE-2018-17026 79 XSS 2018-09-13 2018-10-30
3.5
None Remote Medium ??? None Partial None
admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an edit_page&name=error404 action, a different vulnerability than CVE-2018-10121.
227 CVE-2018-17025 79 XSS 2018-09-13 2018-10-30
4.3
None Remote Medium Not required None Partial None
admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an edit_page action for a page with no special role.
228 CVE-2018-17024 79 XSS 2018-09-13 2019-07-23
3.5
None Remote Medium ??? None Partial None
admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an add_page action.
229 CVE-2018-17023 352 CSRF 2018-09-13 2018-11-07
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.384_32738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to start_apply.htm.
230 CVE-2018-17022 787 DoS Overflow 2018-09-13 2020-08-24
8.0
None Remote Low ??? Partial Partial Complete
Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.
231 CVE-2018-17021 79 XSS 2018-09-13 2018-11-07
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability on ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allows remote attackers to inject arbitrary web script or HTML via the appGet.cgi hook parameter.
232 CVE-2018-17020 DoS 2018-09-13 2020-08-24
7.8
None Remote Low Not required None None Complete
ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow remote attackers to cause a denial of service via a single "GET / HTTP/1.1\r\n" line.
233 CVE-2018-17019 20 2018-09-13 2018-11-21
5.0
None Remote Low Not required None None Partial
In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.
234 CVE-2018-17018 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for time_switch name.
235 CVE-2018-17017 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for dhcpd udhcpd enable.
236 CVE-2018-17016 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for reboot_timer name.
237 CVE-2018-17015 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ddns phddns username.
238 CVE-2018-17014 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ip_mac_bind name.
239 CVE-2018-17013 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for protocol wan wan_rate.
240 CVE-2018-17012 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info set_block_flag up_limit.
241 CVE-2018-17011 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info para sun.
242 CVE-2018-17010 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g bandwidth.
243 CVE-2018-17009 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g isolate.
244 CVE-2018-17008 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g power.
245 CVE-2018-17007 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_wds_2g ssid.
246 CVE-2018-17006 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall lan_manage mac2.
247 CVE-2018-17005 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall dmz enable.
248 CVE-2018-17004 2018-09-13 2020-08-24
4.0
None Remote Low ??? None None Partial
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wlan_access name.
249 CVE-2018-17003 79 XSS 2018-09-21 2018-11-09
4.3
None Remote Medium Not required None Partial None
In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert.
250 CVE-2018-17002 79 XSS 2018-09-21 2018-11-09
4.3
None Remote Medium Not required None Partial None
On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.
Total number of vulnerabilities : 1174   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.