|
248631
|
9.8 |
CRITICAL
Network
|
ubilling
|
ubilling
|
Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000827
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248632
|
6.1 |
MEDIUM
Network
|
microweber
|
microweber
|
Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code.
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000826
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248633
|
10.0 |
CRITICAL
Network
|
freecol
|
freecol
|
FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port s…
|
CWE-611
XXE
|
CVE-2018-1000825
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248634
|
9.8 |
CRITICAL
Network
|
megamek
|
megamek
|
MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000824
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248635
|
10.0 |
CRITICAL
Network
|
exist-db
|
exist
|
exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.
|
CWE-611
XXE
|
CVE-2018-1000823
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248636
|
10.0 |
CRITICAL
Network
|
codelibs
|
fess
|
codelibs fess version before commit faa265b contains a XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port…
|
CWE-611
XXE
|
CVE-2018-1000822
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248637
|
10.0 |
CRITICAL
Network
|
micromathematics_project
|
micromathematics
|
MicroMathematics version before commit 5c05ac8 contains a XML External Entity (XXE) vulnerability in SMathStudio files that can result in Disclosure of confidential data, denial of service, SSRF, por…
|
CWE-611
XXE
|
CVE-2018-1000821
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248638
|
10.0 |
CRITICAL
Network
|
neo4j
|
awesome_procedures_on_cyper
|
neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of servic…
|
CWE-611
XXE
|
CVE-2018-1000820
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248639
|
5.4 |
MEDIUM
Network
|
grafana
|
grafana
|
Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000816
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248640
|
4.3 |
MEDIUM
Network
|
brave
|
brave
|
Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript() in content_settings_observer.cc that can result …
|
CWE-20
Improper Input Validation
|
CVE-2018-1000815
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
