The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2018-17141 | HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file. | HIGH | Sep 23, 2018 |
| CVE-2018-17140 | The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a ql_insert action to wp-admin/admin.php. | LOW | Sep 17, 2018 |
| CVE-2018-17139 | UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17138 | The Jibu Pro plugin through 1.7 for WordPress is prone to Stored XSS via the wp-content/plugins/jibu-pro/quiz_action.php name (aka Quiz Name) field. | LOW | Sep 17, 2018 |
| CVE-2018-17137 | Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions. | HIGH | Sep 17, 2018 |
| CVE-2018-17136 | zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header. | HIGH | Sep 17, 2018 |
| CVE-2018-17134 | admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfg_author field in conjunction with a crafted cfg_webpath field. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17133 | admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17132 | admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17131 | admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17130 | PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header, | LOW | Sep 17, 2018 |
| CVE-2018-17129 | MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17128 | A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode. | LOW | Sep 26, 2018 |
| CVE-2018-17127 | blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter. | HIGH | Sep 17, 2018 |
| CVE-2018-17126 | CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to uploadpluginssysInstall.php. | HIGH | Sep 17, 2018 |
| CVE-2018-17125 | CScms 4.1 allows arbitrary directory deletion via a dir=..\ substring to pluginssysadminPlugins.php. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17113 | App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf in EasyCMS 1.5 has XSS via the uploadifyID or movieName parameter, a related issue to CVE-2018-9173. | MEDIUM | Sep 17, 2018 |
| CVE-2018-17111 | The onlyOwner modifier of a smart contract implementation for Coinlancer (CL), an Ethereum ERC20 token, has a potential access control vulnerability. All contract users can access functions that use this onlyOwner modifier, because the comparison between msg.sender and owner is incorrect. | HIGH | Sep 18, 2018 |
| CVE-2018-17110 | Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1. | HIGH | Sep 17, 2018 |
| CVE-2018-17108 | The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17107 | In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password. | HIGH | Sep 24, 2018 |
| CVE-2018-17106 | In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable of the do_mkd function in the ftpproto.c file. An attacker can overwrite ebp via a long pathname. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17104 | An issue was discovered in Microweber 1.0.7. There is a CSRF attack (against the admin user) that can add an administrative account via api/save_user. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17103 | ** DISPUTED ** An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator\'s password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter. | MEDIUM | Nov 28, 2018 |
| CVE-2018-17102 | An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17101 | An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17100 | An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17098 | The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17097 | The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17096 | The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17095 | An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17094 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11124. Reason: This candidate is a duplicate of CVE-2017-11124. Notes: All CVE users should reference CVE-2017-11124 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17093 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11125. Reason: This candidate is a duplicate of CVE-2017-11125. Notes: All CVE users should reference CVE-2017-11125 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17092 | An issue was discovered in DonLinkage 6.6.8. SQL injection in /pages/proxy/php.php and /pages/proxy/add.php can be exploited via specially crafted input, allowing an attacker to obtain information from a database. The vulnerability can only be triggered by an authorized user. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17091 | An issue was discovered in DonLinkage 6.6.8. It allows remote attackers to obtain potentially sensitive information via a direct request for files/temporary.txt. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17090 | An issue was discovered in DonLinkage 6.6.8. The modules /pages/bazy/bazy_adresow.php and /pages/proxy/add.php are vulnerable to stored XSS that can be triggered by closing <textarea> followed by <script></script> tags. | LOW | Sep 16, 2018 |
| CVE-2018-17088 | The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17086 | An issue was discovered in OTCMS 3.61. XSS exists in admin/share_switch.php via these parameters: fieldName fieldName2 tabName. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17085 | An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php via these parameters: dataTypeCN dataMode dataModeStr. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17082 | The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a Transfer-Encoding: chunked request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. | MEDIUM | Sep 16, 2018 |
| CVE-2018-17081 | e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&ajax_used=1&id= for changing the title of an arbitrary page. | MEDIUM | Sep 26, 2018 |
| CVE-2018-17079 | An issue was discovered in ZRLOG 2.0.1. There is a Stored XSS vulnerability in the nickname field of the comment area. | MEDIUM | Jun 20, 2019 |
| CVE-2018-17077 | An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed. | MEDIUM | Sep 15, 2018 |
| CVE-2018-17076 | GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file. | MEDIUM | Sep 15, 2018 |
| CVE-2018-17075 | The html package (aka x/net/html) before 2018-07-13 in Go mishandles in frameset insertion mode, leading to a panic: runtime error for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit. | MEDIUM | Sep 15, 2018 |
| CVE-2018-17074 | The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter. | MEDIUM | Sep 15, 2018 |
| CVE-2018-17073 | wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image. | MEDIUM | Sep 15, 2018 |
| CVE-2018-17072 | JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y. | HIGH | Sep 15, 2018 |
| CVE-2018-17071 | The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entry_number. This variable is private, yet it is readable by eth.getStorageAt function. Also, attackers can purchase a ticket at a low price by directly calling the fallback function with small msg.value, because the developer set the currency unit incorrectly. Therefore, it allows attackers to always win and get rewards. | MEDIUM | Sep 18, 2018 |
| CVE-2018-17070 | An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the website settings via ?q=admin%2Fconfig%2Fsystem%2Fsite-information&render=overlay&render=overlay. | MEDIUM | Sep 15, 2018 |
