Skip to main content
CVE-2018-10082 MEDIUM POC This Month

CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Cms Made Simple
NVD GitHub
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-10096 MEDIUM POC This Month

joyplus-cms 1.6.0 has XSS via the device_name parameter in a manager/admin_ajax.php?action=save flag=add request. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Joyplus Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-6958 MEDIUM This Month

VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS VMware Vrealize Automation
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-5508 MEDIUM This Month

On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data though a Virtual Server with an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Big Ip Policy Enforcement Manager
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-4173 MEDIUM This Month

An issue was discovered in certain Apple products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple Iphone Os Mac Os X
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-10087 MEDIUM PATCH This Month

The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy