Skip to main content
CVE-2018-18778 MEDIUM POC THREAT This Month

ACME mini_httpd before 1.30 lets remote users read arbitrary files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mini Httpd
NVD
CVSS 3.0
6.5
EPSS
74.0%
CVE-2018-18782 MEDIUM POC This Month

Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php ftype parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dedecms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-18781 MEDIUM POC This Month

DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php f or keyword parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dedecms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-18749 MEDIUM POC This Month

data-tools through 2017-07-26 has an Integer Overflow leading to an incorrect end value for the write_wchars function. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Data Tools
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2018-18701 MEDIUM POC This Month

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Binutils
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-18700 MEDIUM POC This Month

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Binutils
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-18736 MEDIUM POC This Month

An XSS issue was discovered in catfish blog 2.0.33, related to "write source code.". Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Catfish Blog
NVD GitHub
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-18733 MEDIUM POC This Month

An XSS issue was discovered in Catfish CMS 4.8.30, related to "write source code," a similar issue to CVE-2018-13999. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Catfish Cms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-18745 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1 during editing. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18744 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the admin/SEMCMS_Main.php URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18743 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via the second text field to the admin/SEMCMS_Categories.php?pid=1&lgid=1 URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18741 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Download.php?lgid=1 during editing. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18740 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via the first input field to the admin/SEMCMS_Link.php?lgid=1 URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18739 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Products.php?lgid=1 Keywords field. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18738 MEDIUM POC This Month

An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Categories.php?pid=1&lgid=1 category_key parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18726 MEDIUM POC This Month

An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18725 MEDIUM POC This Month

An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18724 MEDIUM POC This Month

An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18723 MEDIUM POC This Month

An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18722 MEDIUM POC This Month

An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18721 MEDIUM POC This Month

An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18720 MEDIUM POC This Month

An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Yunucms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-18717 MEDIUM POC This Month

An issue was discovered in Eleanor CMS through 2015-03-19. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Eleanor Cms
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-18694 MEDIUM POC This Month

admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Monstra
NVD GitHub
CVSS 3.0
4.8
EPSS
0.9%
CVE-2018-17622 MEDIUM This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Phantompdf Reader
NVD
CVSS 3.1
6.5
EPSS
3.0%
CVE-2018-1767 MEDIUM PATCH This Month

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Websphere Application Server
NVD
CVSS 3.0
6.1
EPSS
1.4%
CVE-2018-18783 MEDIUM This Month

XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Semcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-0735 MEDIUM PATCH This Month

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

OpenSSL Information Disclosure Ubuntu Linux Debian Linux Node Js +18
NVD
CVSS 3.1
5.9
EPSS
4.8%
CVE-2018-18710 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 4.19. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Linux Information Disclosure Linux Kernel Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-1766 MEDIUM PATCH This Month

IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Team Concert
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-1380 MEDIUM This Month

IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, and 11.6 could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Infosphere Master Data Management
NVD
CVSS 3.0
4.9
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy