Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2019
CVE-2019-8418
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-02-17
CVE-2019-8411
admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.
CVSS Score
7.5
EPSS Score
0.012
Published
2019-02-17
CVE-2019-8412
FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal.
CVSS Score
8.8
EPSS Score
0.016
Published
2019-02-17
CVE-2019-8413
On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661).
CVSS Score
5.5
EPSS Score
0.0
Published
2019-02-17
CVE-2018-20782
The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.
CVSS Score
7.5
EPSS Score
0.149
Published
2019-02-17
CVE-2019-8407
HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-02-17
CVE-2019-8408
OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice.
CVSS Score
4.9
EPSS Score
0.002
Published
2019-02-17
CVE-2016-10742
Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-02-17
CVE-2019-8393
Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-02-17
CVE-2019-8396
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
CVSS Score
6.5
EPSS Score
0.003
Published
2019-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved