Skip to main content
CVE-2018-12658 MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Slims
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2018-12657 MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Slims Akasia
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12656 MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) exists in the Membership module in SLiMS 8 Akasia 8.3.1 via an admin/modules/membership/index.php?keywords= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Slims Akasia
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12655 MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loan_rules.php?keywords= URI, a related issue to CVE-2017-7242. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Slims Akasia
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12654 MEDIUM POC This Month

Reflected Cross-Site Scripting (XSS) exists in the Bibliography module in SLiMS 8 Akasia 8.3.1 via an admin/modules/bibliography/index.php?keywords= URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Slims Akasia
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-12641 MEDIUM POC This Month

An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Binutils
NVD
CVSS 3.0
5.5
EPSS
2.1%
CVE-2018-7682 MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Solutions Business Manager
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2018-12633 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 4.17.2. Rated medium severity (CVSS 6.3).

Race Condition Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.0
6.3
EPSS
0.3%
CVE-2018-1655 MEDIUM This Month

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Aix
NVD
CVSS 3.0
5.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy