The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2019-9064 | PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9063 | PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9062 | PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9061 | An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager (in the file action.installmodule.php), it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the \"install module\" feature. | MEDIUM | Mar 29, 2019 |
| CVE-2019-9060 | An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename parameter; and through the action.showmessage.php file, it is possible to read arbitrary file content (by using that path traversal with m1_prefname set to cg_errormsg and m1_resettodefault=1). | MEDIUM | Sep 17, 2021 |
| CVE-2019-9059 | An issue was discovered in CMS Made Simple 2.2.8. It is possible, with an administrator account, to achieve command injection by modifying the path of the e-mail executable in Mail Settings, setting \"sendmail\" in the \"Mailer\" option, and launching the \"Forgot your password\" feature. | MEDIUM | Mar 29, 2019 |
| CVE-2019-9058 | An issue was discovered in CMS Made Simple 2.2.8. In the administrator page admin/changegroupperm.php, it is possible to send a crafted value in the sel_groups parameter that leads to authenticated object injection. | MEDIUM | Mar 29, 2019 |
| CVE-2019-9057 | An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object injection. | MEDIUM | Mar 29, 2019 |
| CVE-2019-9056 | An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object injection. | MEDIUM | Apr 12, 2019 |
| CVE-2019-9055 | An issue was discovered in CMS Made Simple 2.2.8. In the module DesignManager (in the files action.admin_bulk_css.php and action.admin_bulk_template.php), with an unprivileged user with Designer permission, it is possible reach an unserialize call with a crafted value in the m1_allparms parameter, and achieve object injection. | MEDIUM | Mar 29, 2019 |
| CVE-2019-9053 | An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter. | MEDIUM | Mar 29, 2019 |
| CVE-2019-9052 | An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9051 | An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9050 | An issue was discovered in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9049 | An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9048 | An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete a theme (aka topic) via a /admin.php?action=theme_delete&var1= URI. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9047 | GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled. | HIGH | Mar 20, 2019 |
| CVE-2019-9042 | An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the administrator neglects to set FileExtensionFilter and there are untrusted user accounts. NOTE: The maintainer states that this is not a vulnerability but a feature used in conjunction with External Modules | Medium | Feb 26, 2019 |
| CVE-2019-9041 | An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function\'s filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9040 | S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9039 | In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters startkey and endkey on the _all_docs endpoint. By issuing nested queries with CPU-intensive operations they may have been able to cause increased resource usage and denial of service conditions. The _all_docs endpoint is not required for Couchbase Mobile replication and external access to this REST endpoint has been blocked to mitigate this issue. This issue has been fixed in versions 2.5.0 and 2.1.3. | HIGH | Jun 26, 2019 |
| CVE-2019-9038 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in the function ReadNextCell() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9037 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a buffer over-read in the function Mat_VarPrint() in mat.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9036 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function ReadNextFunctionHandle() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9035 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9034 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for a memcpy in the function ReadNextCell() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9033 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for the \"Rank and Dimension\" feature in the function ReadNextCell() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9032 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds write problem causing a SEGV in the function Mat_VarFree() in mat.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9031 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a NULL pointer dereference in the function Mat_VarFree() in mat.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9030 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9029 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read with a SEGV in the function Mat_VarReadNextInfo5() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9028 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCell in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9027 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow problem in the function ReadNextCell() in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9026 | An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function InflateVarName() in inflate.c when called from ReadNextCell in mat5.c. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9025 | An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function in ext/mbstring/php_mbregex.c can cause PHP to execute memcpy() with a negative argument, which could read and write past buffers allocated for the data. | High | Mar 21, 2019 |
| CVE-2019-9024 | An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c. | Medium | Mar 21, 2019 |
| CVE-2019-9023 | An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences. | High | Mar 26, 2019 |
| CVE-2019-9022 | An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries. | Medium | Mar 21, 2019 |
| CVE-2019-9021 | An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c. | High | Mar 21, 2019 |
| CVE-2019-9020 | An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c. | High | Mar 21, 2019 |
| CVE-2019-9019 | The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, does not prevent the USB charging/data-transfer feature from interacting with USB keyboard and mouse devices, which allows physically proximate attackers to conduct unanticipated attacks against Entertainment applications, as demonstrated by using mouse copy-and-paste actions to trigger a Chat buffer overflow or possibly have unspecified other impact. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9017 | DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. | MEDIUM | May 4, 2019 |
| CVE-2019-9016 | An XSS vulnerability was discovered in MOPCMS through 2018-11-30. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[name] parameter in a mod=column request, as demonstrated by the /mopcms/X0AZgf(index).php?mod=column&ac=list&menuid=28&ac=add&menuid=29 URI. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9015 | A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. The exploitation point is in the \"column management\" function. The path added to the column is not verified. When a column is deleted by an attacker, the corresponding directory is deleted, as demonstrated by ./ to delete the entire web site. | MEDIUM | Mar 20, 2019 |
| CVE-2019-9013 | An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS V3 Simulation Runtime (part of the CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. | MEDIUM | Aug 30, 2019 |
| CVE-2019-9012 | An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. | HIGH | Aug 30, 2019 |
| CVE-2019-9011 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames. | -- | Dec 27, 2022 |
| CVE-2019-9010 | An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. | HIGH | Aug 30, 2019 |
| CVE-2019-9009 | An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash. | MEDIUM | Sep 18, 2019 |
| CVE-2019-9008 | An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can take full control over the runtime. | MEDIUM | Sep 17, 2019 |
