|
246311
|
7.5 |
HIGH
Network
|
t-swap-token_project
|
t-swap-token
|
The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any v…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13464
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246312
|
7.5 |
HIGH
Network
|
t-swap-token_project
|
t-swap-token
|
The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13463
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246313
|
7.5 |
HIGH
Network
|
moontoken_project
|
moontoken
|
The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to an…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13462
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246314
|
9.8 |
CRITICAL
Network
|
dolibarr
|
dolibarr_erp\/crm
|
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter.
|
CWE-89
SQL Injection
|
CVE-2018-13450
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246315
|
9.8 |
CRITICAL
Network
|
dolibarr
|
dolibarr_erp\/crm
|
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter.
|
CWE-89
SQL Injection
|
CVE-2018-13449
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246316
|
9.8 |
CRITICAL
Network
|
dolibarr
|
dolibarr_erp\/crm
|
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter.
|
CWE-89
SQL Injection
|
CVE-2018-13448
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246317
|
9.8 |
CRITICAL
Network
|
dolibarr
|
dolibarr_erp\/crm
|
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter.
|
CWE-89
SQL Injection
|
CVE-2018-13447
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246318
|
8.8 |
HIGH
Network
|
seacms
|
seacms
|
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/admin_manager.php?action=add.
|
CWE-352
Origin Validation Error
|
CVE-2018-13445
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246319
|
8.8 |
HIGH
Network
|
seacms
|
seacms
|
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.
|
CWE-352
Origin Validation Error
|
CVE-2018-13444
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246320
|
6.5 |
MEDIUM
Network
|
audio_file_library_project
canonical
|
audio_file_library
ubuntu_linux
|
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf fil…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-13440
|
2024-11-21 12:47 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
