|
247781
|
7.5 |
HIGH
Network
|
paessler
|
prtg_network_monitor
|
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10253
|
2024-11-21 12:41 |
2018-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247782
|
8.8 |
HIGH
Network
|
baijiacms_project
|
baijiacms
|
baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.
|
CWE-352
Origin Validation Error
|
CVE-2018-10249
|
2024-11-21 12:41 |
2018-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247783
|
5.4 |
MEDIUM
Network
|
icmsdev
|
icms
|
iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin_category action, aka a WeChat Classified Management keyword search.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10250
|
2024-11-21 12:41 |
2018-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247784
|
6.5 |
MEDIUM
Network
|
wuzhicms
|
wuzhi_cms
|
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can delete any article via index.php?m=content&f=content&v=recycle_delete.
|
CWE-352
Origin Validation Error
|
CVE-2018-10248
|
2024-11-21 12:41 |
2018-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247785
|
5.3 |
MEDIUM
Network
|
awstats
|
awstats
|
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682…
|
CWE-200
Information Exposure
|
CVE-2018-10245
|
2024-11-21 12:41 |
2018-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247786
|
7.5 |
HIGH
Network
|
ncomputing
|
vspace_pro
|
An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulne…
|
CWE-22
Path Traversal
|
CVE-2018-10201
|
2024-11-21 12:41 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247787
|
9.8 |
CRITICAL
Network
|
bacnet_protocol_stack_project
|
bacnet_protocol_stack
|
bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. The affected component is bacserv BACnet/IP BVLC forwarded …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10238
|
2024-11-21 12:41 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247788
|
7.2 |
HIGH
Network
|
poscms
|
poscms
|
POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via the diy\dayrui\controllers\admin\Syscontroller.php 'add' function because an attacker can control the value of $data['name'] wi…
|
CWE-94
Code Injection
|
CVE-2018-10236
|
2024-11-21 12:41 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247789
|
7.2 |
HIGH
Network
|
poscms
|
poscms
|
POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setti…
|
CWE-94
Code Injection
|
CVE-2018-10235
|
2024-11-21 12:41 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247790
|
6.1 |
MEDIUM
Network
|
zend
|
zend_server
|
Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10230
|
2024-11-21 12:41 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
