|
246461
|
8.8 |
HIGH
Network
|
wago
|
762-3000_firmware
762-3001_firmware
762-3002_firmware
762-3003_firmware
|
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system wit…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-12980
|
2024-11-21 12:46 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246462
|
6.5 |
MEDIUM
Network
|
wago
|
762-3000_firmware
762-3001_firmware
762-3002_firmware
762-3003_firmware
|
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to overwrite critical files by abusing the unrestr…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-12979
|
2024-11-21 12:46 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246463
|
5.3 |
MEDIUM
Network
|
jester_project
|
jester
|
Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via "..%f" sequences.
|
CWE-22
Path Traversal
|
CVE-2018-13034
|
2024-11-21 12:46 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246464
|
8.8 |
HIGH
Network
|
softexpert
|
excellence_suite
|
A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" pa…
|
CWE-89
SQL Injection
|
CVE-2018-12977
|
2024-11-21 12:46 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246465
|
6.1 |
MEDIUM
Network
|
chartered_accountant_\
|
_auditor_website_project
|
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13256
|
2024-11-21 12:46 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246466
|
7.5 |
HIGH
Network
|
adbglobal
|
dv2210_firmware
vv2220_firmware
vv5522_firmware
prg_av4202n_firmware
|
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previo…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-13110
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246467
|
7.5 |
HIGH
Network
|
adbglobal
|
dv2210_firmware
vv2220_firmware
vv5522_firmware
prg_av4202n_firmware
|
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web in…
|
CWE-863
Incorrect Authorization
|
CVE-2018-13109
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246468
|
7.8 |
HIGH
Local
|
adbglobal
|
dv2210_firmware
vv2220_firmware
vv5522_firmware
prg_av4202n_firmware
|
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract furth…
|
NVD-CWE-noinfo
|
CVE-2018-13108
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246469
|
7.5 |
HIGH
Network
|
mercurial
|
mercurial
|
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actu…
|
CWE-20
Improper Input Validation
|
CVE-2018-13348
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246470
|
9.8 |
CRITICAL
Network
|
mercurial
|
mercurial
|
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13347
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
