Security Vulnerabilities - CVEs Published In January 2018
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-01-03
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-03
XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result in denial of service attacks.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-01-03
ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in the experiment infos component resulting in arbitrary execution of JavaScript and denial of service.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-01-03
pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions.
CVSS Score
8.8
EPSS Score
0.19
Published
2018-01-03
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
CVSS Score
9.8
EPSS Score
0.009
Published
2018-01-03
When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafted link. You would login, and get redirected to the site of the attacker, letting you think that you are still on the original Plone site. Or some javascript of the attacker could be executed. Most of these types of attacks are already blocked by Plone, using the `isURLInPortal` check to make sure we only redirect to a page on the same Plone site. But a few more ways of tricking Plone into accepting a malicious link were discovered, and fixed with this hotfix.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-01-03