|
246611
|
4.6 |
MEDIUM
Network
|
otrs
debian
|
otrs
debian_linux
|
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged…
|
NVD-CWE-noinfo
|
CVE-2018-11563
|
2024-11-21 12:43 |
2019-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246612
|
9.8 |
CRITICAL
Network
|
flowpaper
|
flexpaper
|
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
|
CWE-20
Improper Input Validation
|
CVE-2018-11686
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246613
|
9.8 |
CRITICAL
Network
|
moxa
|
oncell_g3470a-lte-us_firmware
oncell_g3470a-lte-us-t_firmware
oncell_g3470a-lte-eu_firmware
oncell_g3470a-lte-eu-t_firmware
|
Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11424.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11425
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246614
|
7.5 |
HIGH
Network
|
moxa
|
oncell_g3470a-lte-us_firmware
oncell_g3470a-lte-us-t_firmware
oncell_g3470a-lte-eu_firmware
oncell_g3470a-lte-eu-t_firmware
|
There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11424
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246615
|
7.5 |
HIGH
Network
|
moxa
|
oncell_g3150-hspa_firmware
oncell_g3150-hspa-t_firmware
|
There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11423
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246616
|
9.8 |
CRITICAL
Network
|
moxa
|
oncell_g3150-hspa_firmware
oncell_g3150-hspa-t_firmware
|
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary configuration protocol that does not provide confidentiality, integrity, and authenticity security controls. All i…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2018-11422
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246617
|
9.8 |
CRITICAL
Network
|
moxa
|
oncell_g3150-hspa_firmware
oncell_g3150-hspa-t_firmware
|
Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior use a proprietary monitoring protocol that does not provide confidentiality, integrity, and authenticity security controls. All info…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2018-11421
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246618
|
9.8 |
CRITICAL
Network
|
moxa
|
oncell_g3150-hspa_firmware
oncell_g3150-hspa-t_firmware
|
There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11420
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246619
|
6.1 |
MEDIUM
Network
|
intelliants
|
subrion
|
Subrion CMS before 4.1.4 has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11317
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246620
|
8.8 |
HIGH
Network
|
moxa
|
oncell_g3150-hspa_firmware
oncell_g3150-hspa-t_firmware
|
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
|
CWE-352
Origin Validation Error
|
CVE-2018-11427
|
2024-11-21 12:43 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
