The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-18774 | CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows XSS via the admin/index.php module parameter. | MEDIUM | Nov 21, 2018 | n/a |
| CVE-2018-18773 | CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=rootpwd, as demonstrated by changing the root password. | MEDIUM | Nov 21, 2018 | n/a |
| CVE-2018-18772 | CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=send_ssh, as demonstrated by executing an arbitrary OS command. | MEDIUM | Nov 21, 2018 | n/a |
| CVE-2018-18771 | An issue was discovered in LuLu CMS through 2015-05-14. backend\\modules\\filemanager\\controllers\\DefaultController.php allows arbitrary file upload by entering a filename, directory name, and PHP code into the three text input fields. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18767 | An issue was discovered in D-Link \'myDlink Baby App\' version 2.04.06. Whenever actions are performed from the app (e.g., change camera settings or play lullabies), it communicates directly with the Wi-Fi camera (D-Link 825L firmware 1.08) with the credentials (username and password) in base64 cleartext. An attacker could conduct an MitM attack on the local network and very easily obtain these credentials. | LOW | Dec 20, 2018 | n/a |
| CVE-2018-18766 | An elevation of privilege vulnerability exists in the Call Dispatcher in Provisio SiteKiosk before 9.7.4905. | HIGH | Apr 1, 2019 | n/a |
| CVE-2018-18765 | An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18764 | An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18763 | SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection. | HIGH | Nov 16, 2018 | n/a |
| CVE-2018-18762 | SaltOS 3.1 r8126 contains a database download vulnerability. | Medium | Mar 22, 2019 | n/a |
| CVE-2018-18761 | SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection. | HIGH | Nov 16, 2018 | n/a |
| CVE-2018-18760 | RhinOS 3.0 build 1190 allows CSRF. | MEDIUM | Nov 16, 2018 | n/a |
| CVE-2018-18759 | Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow. | MEDIUM | Nov 16, 2018 | n/a |
| CVE-2018-18758 | Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757. | HIGH | Jun 20, 2019 | n/a |
| CVE-2018-18757 | Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758. | HIGH | Jun 20, 2019 | n/a |
| CVE-2018-18756 | Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008. | MEDIUM | Nov 16, 2018 | n/a |
| CVE-2018-18755 | K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter. | HIGH | Nov 16, 2018 | n/a |
| CVE-2018-18754 | ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+ password hash in the etc/default.cfg file. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18753 | Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18752 | Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18751 | An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18749 | data-tools through 2017-07-26 has an Integer Overflow leading to an incorrect end value for the write_wchars function. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18748 | ** DISPUTED ** Sandboxie 5.26 allows a Sandbox Escape via an import os statement, followed by os.system(cmd) or os.system(powershell), within a .py file. NOTE: the vendor disputes this issue because the observed behavior is consistent with the product\'s intended functionality. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18745 | An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1 during editing. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18744 | An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the admin/SEMCMS_Main.php URI. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18743 | An XSS issue was discovered in SEMCMS 3.4 via the second text field to the admin/SEMCMS_Categories.php?pid=1&lgid=1 URI. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18742 | A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18741 | An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Download.php?lgid=1 during editing. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18740 | An XSS issue was discovered in SEMCMS 3.4 via the first input field to the admin/SEMCMS_Link.php?lgid=1 URI. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18739 | An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Products.php?lgid=1 Keywords field. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18738 | An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Categories.php?pid=1&lgid=1 category_key parameter. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18737 | An XXE issue was discovered in Douchat 4.0.4 because Data\\notify.php calls simplexml_load_string. This can also be used for SSRF. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18736 | An XSS issue was discovered in catfish blog 2.0.33, related to write source code. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18735 | A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18734 | A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30. | MEDIUM | Oct 29, 2018 | n/a |
| CVE-2018-18733 | An XSS issue was discovered in Catfish CMS 4.8.30, related to write source code, a similar issue to CVE-2018-13999. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18732 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router\'s web server -- httpd. While processing the \'ntpServer\' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18731 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router\'s web server -- httpd. While processing the \'deviceMac\' parameter for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18730 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router\'s web server -- httpd. While processing the \'startIp\' and \'endIp\' parameters for a post request, each value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18729 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router\'s web server -- httpd. While processing the \'mac\' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18728 | An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18727 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router\'s web server -- httpd. While processing the \'deviceList\' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. | HIGH | Oct 29, 2018 | n/a |
| CVE-2018-18726 | An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18725 | An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18724 | An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18723 | An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18722 | An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18721 | An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18720 | An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5. | LOW | Oct 29, 2018 | n/a |
| CVE-2018-18718 | An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer. | MEDIUM | Oct 29, 2018 | n/a |
