Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2018
CVE-2018-10428
ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting.
CVSS Score
6.1
EPSS Score
0.005
Published
2018-05-23
CVE-2018-6495
Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).
CVSS Score
6.3
EPSS Score
0.003
Published
2018-05-23
CVE-2018-10653
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVSS Score
9.8
EPSS Score
0.092
Published
2018-05-23
CVE-2018-10654
There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVSS Score
8.1
EPSS Score
0.004
Published
2018-05-23
CVE-2018-10648
There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-05-23
CVE-2018-10649
There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-05-23
CVE-2018-10650
There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-05-23
CVE-2018-10651
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-05-23
CVE-2018-10652
There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-05-23
CVE-2018-10351
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. Authentication is required to exploit this vulnerability.
CVSS Score
8.8
EPSS Score
0.086
Published
2018-05-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved