The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2018-19954 | The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10. | MEDIUM | Nov 2, 2020 |
| CVE-2018-19953 | If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109. | MEDIUM | Oct 28, 2020 |
| CVE-2018-19952 | If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. | MEDIUM | Nov 4, 2020 |
| CVE-2018-19951 | If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. | MEDIUM | Nov 2, 2020 |
| CVE-2018-19950 | If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. | HIGH | Nov 2, 2020 |
| CVE-2018-19949 | If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109. | HIGH | Oct 28, 2020 |
| CVE-2018-19948 | The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and later. | MEDIUM | Sep 11, 2020 |
| CVE-2018-19947 | The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later. | MEDIUM | Sep 11, 2020 |
| CVE-2018-19946 | The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. QNAP has already fixed the issue in Helpdesk 3.0.3 and later. | MEDIUM | Sep 11, 2020 |
| CVE-2018-19945 | A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed this vulnerability in the following versions: QTS 4.3.6.0895 build 20190328 (and later) QTS 4.3.4.0899 build 20190322 (and later) This issue does not affect QTS 4.4.x or QTS 4.5.x. | HIGH | Dec 31, 2020 |
| CVE-2018-19944 | A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354 build 20200702 (and later) | MEDIUM | Dec 31, 2020 |
| CVE-2018-19943 | If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later | LOW | Oct 28, 2020 |
| CVE-2018-19942 | A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QTS 4.5.1.1456 build 20201015 (and later) QTS 4.3.6.1446 build 20200929 (and later) QTS 4.3.4.1463 build 20201006 (and later) QTS 4.3.3.1432 build 20201006 (and later) QTS 4.2.6 build 20210327 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) QuTScloud c4.5.4.1601 build 20210309 (and later) QuTScloud c4.5.3.1454 build 20201013 (and later) | MEDIUM | Apr 16, 2021 |
| CVE-2018-19941 | A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) QuTScloud c4.5.2.1379 build 20200730 (and later) | MEDIUM | Dec 31, 2020 |
| CVE-2018-19939 | The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c. | MEDIUM | Dec 7, 2018 |
| CVE-2018-19937 | A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone. | MEDIUM | Dec 31, 2018 |
| CVE-2018-19936 | PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion. | MEDIUM | Dec 17, 2018 |
| CVE-2018-19935 | ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. | MEDIUM | Dec 17, 2018 |
| CVE-2018-19934 | SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter. | LOW | Mar 27, 2019 |
| CVE-2018-19933 | Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry. | MEDIUM | Dec 17, 2018 |
| CVE-2018-19932 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. | MEDIUM | Dec 11, 2018 |
| CVE-2018-19931 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted. | MEDIUM | Dec 11, 2018 |
| CVE-2018-19927 | Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zForm_save_changes sip_nick parameter. The password of alphaadmin for the admin account may be used for authentication in some cases. | LOW | Dec 6, 2018 |
| CVE-2018-19926 | Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO. | MEDIUM | Dec 6, 2018 |
| CVE-2018-19925 | An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter. | HIGH | Dec 6, 2018 |
| CVE-2018-19924 | An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. An email address can be modified in between the request for a validation code and the entry of the validation code, leading to storage of an XSS payload contained in the modified address. | MEDIUM | Dec 6, 2018 |
| CVE-2018-19923 | An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is member/member_email.php?action=edit CSRF. | MEDIUM | Dec 6, 2018 |
| CVE-2018-19922 | Persistent Cross-Site Scripting (XSS) in the advancedsetup_websiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the \'TodUrlAdd\' URL parameter in a /urlfilter.cmd POST request. | MEDIUM | Dec 6, 2018 |
| CVE-2018-19921 | Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the domain controller. | Medium | Dec 10, 2018 |
| CVE-2018-19919 | Pixelimity 1.0 has Persistent XSS via the admin/portfolio.php data[title] parameter, as demonstrated by a crafted onload attribute of an SVG element. | LOW | Dec 6, 2018 |
| CVE-2018-19918 | CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI. | LOW | Dec 31, 2018 |
| CVE-2018-19917 | Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities. | MEDIUM | Mar 27, 2019 |
| CVE-2018-19915 | DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field. | LOW | Dec 6, 2018 |
| CVE-2018-19914 | DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field. | LOW | Dec 6, 2018 |
| CVE-2018-19913 | DomainMOD through 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field. | LOW | Dec 12, 2018 |
| CVE-2018-19911 | FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF. Alternatively, the default password of works for the freeswitch account can sometimes be used. | HIGH | Dec 6, 2018 |
| CVE-2018-19908 | An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the original filename of the STIX import. | HIGH | Dec 6, 2018 |
| CVE-2018-19907 | A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a web page. | MEDIUM | Dec 6, 2018 |
| CVE-2018-19906 | Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. | LOW | Dec 31, 2018 |
| CVE-2018-19905 | HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. | LOW | Dec 31, 2018 |
| CVE-2018-19904 | Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page body field. | MEDIUM | Dec 31, 2018 |
| CVE-2018-19903 | Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field. | MEDIUM | Dec 31, 2018 |
| CVE-2018-19902 | No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article keyword parameter. | LOW | Dec 31, 2018 |
| CVE-2018-19901 | No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ article_title parameter. | LOW | Dec 31, 2018 |
| CVE-2018-19898 | ThinkCMF X2.2.2 has SQL Injection via the method edit_post in ArticleController.class.php and is exploitable by normal authenticated users via the post[id][1] parameter in an article edit_post action. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19897 | ThinkCMF X2.2.2 has SQL Injection via the function _listorders() in AdminbaseController.class.php and is exploitable with the manager privilege via the listorders[key][1] parameter in a Link listorders action. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19896 | ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is exploitable with the manager privilege via the ids[] parameter in a slide action. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19895 | ThinkCMF X2.2.2 has SQL Injection via the function edit_post() in NavController.class.php and is exploitable with the manager privilege via the parentid parameter in a nav action. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19894 | ThinkCMF X2.2.2 has SQL Injection via the functions check() and delete() in CommentadminController.class.php and is exploitable with the manager privilege via the ids[] parameter in a commentadmin action. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19893 | SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string. | HIGH | Dec 5, 2018 |
