|
246201
|
6.1 |
MEDIUM
Network
|
soflyy
|
wp_all_import
|
There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used…
|
CWE-79
Cross-site Scripting
|
CVE-2018-16257
|
2024-11-21 12:52 |
2019-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246202
|
6.1 |
MEDIUM
Network
|
soflyy
|
wp_all_import
|
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to …
|
CWE-79
Cross-site Scripting
|
CVE-2018-16256
|
2024-11-21 12:52 |
2019-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246203
|
6.1 |
MEDIUM
Network
|
soflyy
|
wp_all_import
|
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a log…
|
CWE-79
Cross-site Scripting
|
CVE-2018-16255
|
2024-11-21 12:52 |
2019-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246204
|
6.1 |
MEDIUM
Network
|
soflyy
|
wp_all_import
|
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logg…
|
CWE-79
Cross-site Scripting
|
CVE-2018-16254
|
2024-11-21 12:52 |
2019-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246205
|
9.8 |
CRITICAL
Network
|
forcepoint
|
email_security
|
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote …
|
CWE-787
Out-of-bounds Write
|
CVE-2018-16530
|
2024-11-21 12:52 |
2019-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246206
|
9.8 |
CRITICAL
Network
|
forcepoint
|
email_security
|
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used t…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2018-16529
|
2024-11-21 12:52 |
2019-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246207
|
6.5 |
MEDIUM
Network
|
omron
|
poweract_pro_master_agent
|
PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-16207
|
2024-11-21 12:52 |
2019-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246208
|
5.9 |
MEDIUM
Network
|
siemens
|
siprotec_5_with_cpu_variant_cp100
siprotec_5_with_cpu_variant_cp200
siprotec_5_with_cpu_variant_cp300
en100_ethernet_module_firmware
en100_ethernet_module_with_firmware_variant_dnp3_tcp
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.35), Firmware variant MODBUS TCP for EN100 Ethernet module (All versions), Firmware vari…
|
NVD-CWE-noinfo
|
CVE-2018-16563
|
2024-11-21 12:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
246209
|
6.1 |
MEDIUM
Network
|
coyoapp
|
coyo
|
COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting (XSS) via URLs used by "iFrame" widgets.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16519
|
2024-11-21 12:52 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246210
|
7.8 |
HIGH
Local
|
micco
|
lhmelting
lmlzh32.dll
unarj32.dll
unlha32.dll
|
Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLz…
|
CWE-426
Untrusted Search Path
|
CVE-2018-16190
|
2024-11-21 12:52 |
2019-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
