|
249931
|
10.0 |
CRITICAL
Network
|
i-librarian
|
i\
_librarian
|
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the …
|
CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)
|
CVE-2018-1000124
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249932
|
9.8 |
CRITICAL
Network
|
ionicframework
|
ios_keychain
|
Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files (CWE-532) vulnerability in CDVKeychain.m that …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-1000123
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249933
|
9.8 |
CRITICAL
Network
|
inversoft
|
prime-jwt
|
inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000125
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249934
|
8.8 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/vi…
|
CWE-352
Origin Validation Error
|
CVE-2018-1000092
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249935
|
8.8 |
HIGH
Network
|
kadnode_project
|
kadnode
|
KadNode version version 2.2.0 contains a Buffer Overflow vulnerability in Arguments when starting up the binary that can result in Control of program execution flow, leading to remote code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000091
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249936
|
7.5 |
HIGH
Network
|
textpattern
|
textpattern
|
textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources.…
|
CWE-611
XXE
|
CVE-2018-1000090
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249937
|
4.8 |
MEDIUM
Network
|
wolfcms
|
wolf_cms
|
WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000087
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249938
|
8.8 |
HIGH
Network
|
cryptonote
|
cryptonote
|
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any command…
|
CWE-352
Origin Validation Error
|
CVE-2018-1000093
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249939
|
7.4 |
HIGH
Network
|
django-anymail_project
|
django-anymail
|
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-1000089
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249940
|
6.1 |
MEDIUM
Network
|
doorkeeper_project
|
doorkeeper
|
Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth …
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000088
|
2024-11-21 12:39 |
2018-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
