|
249641
|
5.4 |
MEDIUM
Network
|
flippercode
|
wp_google_map
|
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0577
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249642
|
5.4 |
MEDIUM
Network
|
pixelite
|
events_manager
|
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0576
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249643
|
8.8 |
HIGH
Network
|
sitebridge
|
joruri_gw
|
Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-0568
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249644
|
7.5 |
HIGH
Network
|
microsoft
|
.net_core
.net_framework
|
A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0,…
|
CWE-611
XXE
|
CVE-2018-0765
|
2024-11-21 12:38 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249645
|
6.5 |
MEDIUM
Network
|
gnu
canonical
debian
redhat
|
wget
ubuntu_linux
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
|
GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line.
|
CWE-20
Improper Input Validation
|
CVE-2018-0494
|
2024-11-21 12:38 |
2018-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249646
|
6.1 |
MEDIUM
Network
|
qnap
|
qts
|
Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build 20180126, QTS 4.3.4 build 20180315, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0711
|
2024-11-21 12:38 |
2018-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249647
|
8.1 |
HIGH
Network
|
lockon
|
ec-cube
|
Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3..4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE…
|
CWE-384
Session Fixation
|
CVE-2018-0564
|
2024-11-21 12:38 |
2018-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249648
|
5.9 |
MEDIUM
Network
|
openssl
canonical
|
openssl
ubuntu_linux
|
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key gen…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2018-0737
|
2024-11-21 12:38 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249649
|
7.8 |
HIGH
Local
|
coderium
|
soundengine
|
Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2018-0562
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249650
|
7.8 |
HIGH
Local
|
securebrain
|
phishwall
|
Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. 3.7.15 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecifi…
|
CWE-426
Untrusted Search Path
|
CVE-2018-0561
|
2024-11-21 12:38 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
