Skip to main content
CVE-2018-5758 MEDIUM POC This Month

The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE Jive N
NVD
CVSS 3.0
6.5
EPSS
3.1%
CVE-2018-8070 MEDIUM POC This Month

QCMS version 3.0 has XSS via the title parameter to the /guest/index.html URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Qcms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-8069 MEDIUM POC This Month

QCMS version 3.0 has XSS via the webname parameter to the /backend/system.html URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Qcms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-8058 MEDIUM POC This Month

CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cms Made Simple
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-7893 MEDIUM POC This Month

CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cms Made Simple
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-7563 MEDIUM This Month

An issue was discovered in GLPI through 9.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Glpi
NVD GitHub
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-7858 MEDIUM PATCH This Month

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Denial Of Service Buffer Overflow Qemu Leap +7
NVD
CVSS 3.1
5.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy