Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2018
CVE-2018-5466
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-03-26
CVE-2018-5468
Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code
CVSS Score
9.8
EPSS Score
0.023
Published
2018-03-26
CVE-2018-5470
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-03-26
CVE-2018-5472
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.019
Published
2018-03-26
CVE-2018-5474
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash.
CVSS Score
9.8
EPSS Score
0.06
Published
2018-03-26
CVE-2018-9020
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-26
CVE-2018-9018
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-03-25
CVE-2018-8817
Wampserver before 3.1.3 has CSRF in add_vhost.php.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-03-25
CVE-2018-8978
Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-25
CVE-2018-8979
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved