|
249711
|
9.8 |
CRITICAL
Network
|
futomi
|
mp_form_mail_cgi
|
MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2018-0514
|
2024-11-21 12:38 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249712
|
6.1 |
MEDIUM
Network
|
mtssb.mt-systems
|
simple_booking
|
Cross-site scripting vulnerability in MTS Simple Booking C, MTS Simple Booking Business version 1.28.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0513
|
2024-11-21 12:38 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249713
|
6.8 |
MEDIUM
Adjacent
|
iodata
|
hdl-xr_firmware
hdl-xrw_firmware
hdl-xr2u_firmware
hdl-xr2uw_firmware
hdl-xv_firmware
hdl-xvw_firmware
hdl-gt_firmware
hdl-gtr_firmware
hdl-a_firmware
hdl-ah_firmware
hd…
|
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2018-0512
|
2024-11-21 12:38 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249714
|
6.1 |
MEDIUM
Network
|
meowapps
|
wp_retina_2x
|
Cross-site scripting vulnerability in WP Retina 2x prior to version 5.2.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0511
|
2024-11-21 12:38 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249715
|
9.8 |
CRITICAL
Network
|
kkcald_project
|
kkcald
|
Buffer overflow in epg search result viewer (kkcald) 0.7.19 and earlier allows remote attackers to perform unintended operations or execute DoS (denial of service) attacks via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-0510
|
2024-11-21 12:38 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249716
|
8.8 |
HIGH
Network
|
kkcald_project
|
kkcald
|
Cross-site request forgery (CSRF) vulnerability in epg search result viewer (kkcald) 0.7.21 and earlier allows an attacker to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2018-0509
|
2024-11-21 12:38 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249717
|
6.1 |
MEDIUM
Network
|
kkcald_project
|
kkcald
|
Cross-site scripting vulnerability in epg search result viewer (kkcald) 0.7.21 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0508
|
2024-11-21 12:38 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249718
|
7.8 |
HIGH
Local
|
ntt-east
|
flet\'s_virus_clear_v6_easy_setup_\&_application_tool
flet\'s_virus_clear_easy_setup_\&_application_tool
|
Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions al…
|
CWE-426
Untrusted Search Path
|
CVE-2018-0507
|
2024-11-21 12:38 |
2018-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249719
|
9.8 |
CRITICAL
Network
|
nootka_project
|
nootka
|
Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2018-0506
|
2024-11-21 12:38 |
2018-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249720
|
6.5 |
MEDIUM
Network
|
shibboleth
debian
|
xmltooling-c
debian_linux
|
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote atta…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-0486
|
2024-11-21 12:38 |
2018-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
