|
247851
|
9.0 |
CRITICAL
Network
|
anyplace_project
|
anyplace
|
Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man in the middle on map API call that can result in Disclosure of confidential data, denial of service, S…
|
CWE-611
XXE
|
CVE-2018-1000829
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247852
|
9.0 |
CRITICAL
Network
|
frostwire
|
frostwire
|
FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE) vulnerability in Man in the middle on update that can result in Disclosure of confidential data, denial of …
|
CWE-611
XXE
|
CVE-2018-1000828
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247853
|
9.8 |
CRITICAL
Network
|
ubilling
|
ubilling
|
Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000827
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247854
|
6.1 |
MEDIUM
Network
|
microweber
|
microweber
|
Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000826
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247855
|
10.0 |
CRITICAL
Network
|
freecol
|
freecol
|
FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port s…
|
CWE-611
XXE
|
CVE-2018-1000825
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247856
|
9.8 |
CRITICAL
Network
|
megamek
|
megamek
|
MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000824
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247857
|
10.0 |
CRITICAL
Network
|
exist-db
|
exist
|
exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.
|
CWE-611
XXE
|
CVE-2018-1000823
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247858
|
10.0 |
CRITICAL
Network
|
codelibs
|
fess
|
codelibs fess version before commit faa265b contains a XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port…
|
CWE-611
XXE
|
CVE-2018-1000822
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247859
|
10.0 |
CRITICAL
Network
|
micromathematics_project
|
micromathematics
|
MicroMathematics version before commit 5c05ac8 contains a XML External Entity (XXE) vulnerability in SMathStudio files that can result in Disclosure of confidential data, denial of service, SSRF, por…
|
CWE-611
XXE
|
CVE-2018-1000821
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247860
|
10.0 |
CRITICAL
Network
|
neo4j
|
awesome_procedures_on_cyper
|
neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of servic…
|
CWE-611
XXE
|
CVE-2018-1000820
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
