Skip to main content
CVE-2018-17852 CRITICAL POC Act Now

A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/coupon/admin/card.php via the groupname parameter to the /index.php?m=coupon&f=card&v=detail_listing URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Wuzhi Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2018-17831 CRITICAL POC Act Now

In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rex_list class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Redaxo
NVD GitHub
CVSS 3.0
9.8
EPSS
2.1%
CVE-2018-17825 CRITICAL POC Act Now

An issue was discovered in AdPlug 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Adplug Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2018-14804 CRITICAL Act Now

Emerson AMS Device Manager v12.0 to v13.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Ams Device Manager
NVD
CVSS 3.0
9.8
EPSS
3.5%
CVE-2018-14802 CRITICAL Act Now

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Frenic Loader 3 3 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2018-14794 CRITICAL Act Now

Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Alpha5 Smart Loader Firmware
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2018-14790 CRITICAL Act Now

Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Frenic Loader 3 3 Firmware
NVD
CVSS 3.0
9.8
EPSS
5.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy