The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-16202 | Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) allows remote attackers to access arbitrary files via unspecified vectors. | MEDIUM | Oct 15, 2019 | n/a |
CVE-2018-16203 | PgpoolAdmin 4.0 and earlier allows remote attackers to bypass the login authentication and obtain the administrative privilege of the PostgreSQL database via unspecified vectors. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16204 | Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0.9 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | LOW | Oct 3, 2019 | n/a |
CVE-2018-16205 | Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via New Page modal. | LOW | Jan 9, 2019 | n/a |
CVE-2018-16206 | Cross-site scripting vulnerability in WordPress plugin spam-byebye 2.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | MEDIUM | Jan 12, 2019 | n/a |
CVE-2018-16207 | PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors. | MEDIUM | Mar 29, 2019 | n/a |
CVE-2018-16210 | WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. | MEDIUM | Oct 12, 2018 | n/a |
CVE-2018-16216 | A command injection (missing input validation, escaping) in the monitoring or memory status web interface in AudioCodes 405HD (firmware 2.2.12) VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server. In combination with another attack (unauthenticated password change), the attacker can circumvent the authentication requirement. | HIGH | Apr 29, 2019 | n/a |
CVE-2018-16217 | The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection. | HIGH | May 31, 2019 | n/a |
CVE-2018-16218 | A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim. | MEDIUM | May 31, 2019 | n/a |
CVE-2018-16219 | A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows a remote attacker (in the same network as the device) to change the admin password without authentication via a POST request. | LOW | Apr 26, 2019 | n/a |
CVE-2018-16220 | Cross Site Scripting in different input fields (domain field and personal settings) in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an attacker (local or remote) to inject JavaScript into the web interface of the device by manipulating the phone book entries or manipulating the domain name sent to the device from the domain controller. | MEDIUM | Apr 26, 2019 | n/a |
CVE-2018-16221 | The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relative path information in the file parameter of the corresponding POST request). | HIGH | May 30, 2019 | n/a |
CVE-2018-16222 | Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. | LOW | Nov 20, 2018 | n/a |
CVE-2018-16223 | Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. | MEDIUM | Nov 20, 2018 | n/a |
CVE-2018-16224 | Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device. | MEDIUM | Nov 20, 2018 | n/a |
CVE-2018-16225 | The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android), which results in an attacker being able to reuse cookies to bypass authentication and disable the camera. | MEDIUM | Sep 18, 2018 | n/a |
CVE-2018-16226 | A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 (v8839a1) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack, due to insufficient validation for the start.asp page. A successful exploit could allow the attacker to execute arbitrary scripts to access sensitive browser-based information. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-16227 | The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. | HIGH | Oct 11, 2019 | n/a |
CVE-2018-16228 | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | HIGH | Oct 11, 2019 | n/a |
CVE-2018-16229 | The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | HIGH | Oct 11, 2019 | n/a |
CVE-2018-16230 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | HIGH | Oct 11, 2019 | n/a |
CVE-2018-16231 | Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows remote attackers to cause a denial of service (daemon crash) via an unspecified sequence of FTP commands. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16232 | An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core Update 124 in backup.cgi. This allows an authenticated user with privileges for the affected page to execute arbitrary commands. | MEDIUM | Oct 3, 2019 | n/a |
CVE-2018-16233 | MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16234 | MorningStar WhatWeb 0.4.9 has XSS via JSON report files. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16235 | Telligent Community 6.x, 7.x, 8.x, 9.x before 9.2.10.11796, 10.1.x before 10.1.10.11792, and 10.2.x before 10.2.3.4725 has XSS via the Feed RSS widget. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-16236 | cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16237 | An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16238 | An issue was discovered in damiCMS V6.0.1. Remote code execution can occur via PHP code in a multipart/form-data POST to the admin.php?s=/Tpl/Update.html URI. For example, this can update the Web/Tpl/default/head.html file. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16239 | An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16242 | oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable nonce used in the locking protocol. | LOW | Sep 14, 2018 | n/a |
CVE-2018-16243 | SolarWinds Database Performance Analyzer (DPA) 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen. | LOW | Dec 17, 2020 | n/a |
CVE-2018-16247 | YzmCMS 5.1 has XSS via the admin/system_manage/user_config_add.html title parameter. | LOW | Jun 20, 2019 | n/a |
CVE-2018-16248 | b3log Solo 2.9.3 has XSS in the Input page under the "Publish Articles" menu with an ID of "articleTags" stored in the "tag" JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request. | MEDIUM | Jun 21, 2019 | n/a |
CVE-2018-16249 | In Symphony before 3.3.0, there is XSS in the Title under Post. The ID "articleTitle" of this is stored in the "articleTitle" JSON field, and executes a payload when accessing the /member/test/points URI, allowing remote attacks. Any Web script or HTML can be inserted by an admin-authenticated user via a crafted web site name. | LOW | Jun 21, 2019 | n/a |
CVE-2018-16250 | The "utilisateur" menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information, with the "first name" and "last name" parameters. | LOW | Jun 21, 2019 | n/a |
CVE-2018-16251 | A "search for user discovery" injection issue exists in Creatiwity wityCMS 0.6.2 via the "Utilisateur" menu. No input parameters are filtered, e.g., the /admin/user/users Nickname, email, firstname, lastname, and groupe parameters. | MEDIUM | Jun 21, 2019 | n/a |
CVE-2018-16252 | FsPro Labs Event Log Explorer 4.6.1.2115 has .elx FileType XML External Entity Injection. | LOW | Sep 6, 2018 | n/a |
CVE-2018-16253 | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is an even more permissive variant of CVE-2006-4790 and CVE-2014-1568. | MEDIUM | Nov 7, 2018 | n/a |
CVE-2018-16254 | There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator. | MEDIUM | Apr 15, 2019 | n/a |
CVE-2018-16255 | There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator. | MEDIUM | Apr 15, 2019 | n/a |
CVE-2018-16256 | There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options (Add Rule). NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator. | MEDIUM | Apr 12, 2019 | n/a |
CVE-2018-16257 | There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator. | MEDIUM | Apr 15, 2019 | n/a |
CVE-2018-16258 | There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator. | MEDIUM | Apr 15, 2019 | n/a |
CVE-2018-16259 | There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit. NOTE: The vendor states that this is not a vulnerability. WP All Import is only able to be used by a logged in administrator, and the action described can only be taken advantage of by a logged in administrator. | MEDIUM | Apr 15, 2019 | n/a |
CVE-2018-16261 | In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. | MEDIUM | Sep 6, 2018 | n/a |
CVE-2018-16262 | The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | MEDIUM | Feb 3, 2020 | n/a |
CVE-2018-16263 | The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | MEDIUM | Feb 3, 2020 | n/a |
CVE-2018-16264 | The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | LOW | Feb 3, 2020 | n/a |