Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2018
CVE-2018-5989
SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099.
CVSS Score
9.8
EPSS Score
0.011
Published
2018-02-17
CVE-2018-5990
SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter.
CVSS Score
9.8
EPSS Score
0.015
Published
2018-02-17
CVE-2018-5991
SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-02-17
CVE-2018-5992
SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request.
CVSS Score
9.8
EPSS Score
0.015
Published
2018-02-17
CVE-2018-5993
SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request.
CVSS Score
9.8
EPSS Score
0.015
Published
2018-02-17
CVE-2018-5994
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
CVSS Score
9.8
EPSS Score
0.015
Published
2018-02-17
CVE-2018-3609
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.
CVSS Score
8.1
EPSS Score
0.262
Published
2018-02-16
CVE-2018-6218
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.
CVSS Score
7.0
EPSS Score
0.004
Published
2018-02-16
CVE-2018-1049
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.
CVSS Score
5.9
EPSS Score
0.008
Published
2018-02-16
CVE-2017-18089
The view review history resource in Atlassian Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the invited reviewers for a review.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-02-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved