|
247311
|
6.1 |
MEDIUM
Network
|
phpscriptsmall
|
olx_clone
|
PHP Scripts Mall Olx Clone 3.4.2 has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16326
|
2024-11-21 12:52 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247312
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure.
|
CWE-200
Information Exposure
|
CVE-2018-16051
|
2024-11-21 12:52 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247313
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.5 and 11.2.x before 11.2.2. There is Persistent XSS in the Merge Request Changes View.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16050
|
2024-11-21 12:52 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247314
|
9.8 |
CRITICAL
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Sensitive Data Disclosure in Sidekiq Logs through an Error M…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-16049
|
2024-11-21 12:52 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247315
|
4.3 |
MEDIUM
Network
|
otrs
debian
|
open_ticket_request_system
debian_linux
|
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the e…
|
NVD-CWE-noinfo
|
CVE-2018-16586
|
2024-11-21 12:52 |
2018-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247316
|
5.4 |
MEDIUM
Network
|
xwiki
|
xwiki
|
The Image Import function in XWiki through 10.7 has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16277
|
2024-11-21 12:52 |
2018-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247317
|
8.8 |
HIGH
Network
|
netgate
|
pfsense
|
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr"…
|
CWE-78
OS Command
|
CVE-2018-16055
|
2024-11-21 12:52 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247318
|
8.1 |
HIGH
Network
|
zohocorp
|
manageengine_applications_manager
|
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-16364
|
2024-11-21 12:52 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247319
|
7.5 |
HIGH
Network
|
strongswan
debian
canonical
|
strongswan
debian_linux
ubuntu_linux
|
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorit…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-16152
|
2024-11-21 12:52 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247320
|
7.5 |
HIGH
Network
|
strongswan
debian
canonical
|
strongswan
debian_linux
ubuntu_linux
|
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded al…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-16151
|
2024-11-21 12:52 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
