Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2018
CVE-2018-9010
Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password.
CVSS Score
7.2
EPSS Score
0.172
Published
2018-03-25
CVE-2018-9014
dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdr_sn= request.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-03-25
CVE-2018-9015
dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box).
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-25
CVE-2018-9016
dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-03-25
CVE-2018-9017
dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-25
CVE-2018-7719
Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.805
Published
2018-03-25
CVE-2018-8947
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
CVSS Score
7.5
EPSS Score
0.169
Published
2018-03-25
CVE-2018-8996
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002007.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-25
CVE-2018-8997
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002004.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-25
CVE-2018-8998
In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved