|
245901
|
9.8 |
CRITICAL
Network
|
thinkphp
|
thinkphp
|
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required…
|
CWE-89
SQL Injection
|
CVE-2018-18529
|
2024-11-21 12:56 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245902
|
9.8 |
CRITICAL
Network
|
owndms
|
ownticket
|
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
|
CWE-89
SQL Injection
|
CVE-2018-18527
|
2024-11-21 12:56 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245903
|
5.5 |
MEDIUM
Local
|
elfutils_project
debian
redhat
opensuse
canonical
|
elfutils
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
leap
ubuntu_linux
|
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as dem…
|
CWE-369
Divide By Zero
|
CVE-2018-18521
|
2024-11-21 12:56 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245904
|
6.5 |
MEDIUM
Network
|
elfutils_project
debian
canonical
opensuse
redhat
|
elfutils
debian_linux
ubuntu_linux
leap
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
|
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-18520
|
2024-11-21 12:56 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245905
|
9.8 |
CRITICAL
Network
|
gxlcms
|
gxlcms
|
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.
|
CWE-89
SQL Injection
|
CVE-2018-18488
|
2024-11-21 12:56 |
2018-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245906
|
7.5 |
HIGH
Network
|
gxlcms
|
gxlcms
|
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.
|
CWE-200
Information Exposure
|
CVE-2018-18487
|
2024-11-21 12:56 |
2018-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245907
|
9.8 |
CRITICAL
Network
|
phpshe
|
phpshe
|
An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.
|
CWE-89
SQL Injection
|
CVE-2018-18486
|
2024-11-21 12:56 |
2018-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245908
|
7.5 |
HIGH
Network
|
phpshe
|
phpshe
|
An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to r…
|
CWE-22
Path Traversal
|
CVE-2018-18485
|
2024-11-21 12:56 |
2018-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245909
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack con…
|
CWE-674
Uncontrolled Recursion
|
CVE-2018-18484
|
2024-11-21 12:56 |
2018-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245910
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflow…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-18483
|
2024-11-21 12:56 |
2018-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
