|
247881
|
4.8 |
MEDIUM
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes
|
CWE-79
Cross-site Scripting
|
CVE-2018-1002006
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247882
|
4.8 |
MEDIUM
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1002005
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247883
|
4.8 |
MEDIUM
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1002004
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247884
|
4.8 |
MEDIUM
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1002003
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247885
|
4.8 |
MEDIUM
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1002002
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247886
|
4.8 |
MEDIUM
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1002001
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247887
|
7.2 |
HIGH
Network
|
kibokolabs
|
arigato_autoresponder_and_newsletter
|
There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection…
|
CWE-89
SQL Injection
|
CVE-2018-1002000
|
2024-11-21 12:40 |
2018-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247888
|
7.5 |
HIGH
Network
|
paloaltonetworks
|
expedition
|
The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
|
CWE-200
Information Exposure
|
CVE-2018-10142
|
2024-11-21 12:40 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247889
|
5.3 |
MEDIUM
Network
|
google
|
monorail
|
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with duplicated column…
|
CWE-352
Origin Validation Error
|
CVE-2018-10099
|
2024-11-21 12:40 |
2018-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247890
|
6.1 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10141
|
2024-11-21 12:40 |
2018-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
