Skip to main content
CVE-2018-14977 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-7073 MEDIUM POC This Month

A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Moonshot Provisioning Manager Ubuntu Linux
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-14869 MEDIUM POC This Month

PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Php Template Store Script
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
1.6%
CVE-2018-14964 MEDIUM POC This Month

An issue was discovered in EMLsoft 5.4.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Emlsoft
NVD GitHub
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-14962 MEDIUM POC This Month

zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Zzcms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-14976 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14975 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14974 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14973 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14972 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14971 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14970 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-14969 MEDIUM POC This Month

An issue was discovered in QCMS 3.0.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-7091 MEDIUM This Month

HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Xp 9000 Command View
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7090 MEDIUM This Month

HPE XP P9000 Command View Advanced Edition Software (CVAE) has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Xp 9000 Command View
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7075 MEDIUM This Month

A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Intelligent Management Center
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-7068 MEDIUM This Month

HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Centralview Fraud Risk Management
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-1422 MEDIUM PATCH This Month

IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Doors Next Generation
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2018-7070 MEDIUM This Month

HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Centralview Fraud Risk Management
NVD
CVSS 3.0
5.3
EPSS
1.9%
CVE-2018-7071 MEDIUM This Month

HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Network Function Virtualization Director
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2018-1528 MEDIUM PATCH This Month

IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Maximo Asset Management Maximo For Aviation Maximo For Life Sciences +5
NVD
CVSS 3.0
4.3
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy