Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2018
CVE-2018-13005
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-06-29
CVE-2018-13006
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-06-29
CVE-2018-13007
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-29
CVE-2018-13008
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-29
CVE-2018-13009
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-29
CVE-2018-13010
WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-06-29
CVE-2018-12992
An issue was discovered CMS MaeloStore V.1.5.0. There is stored XSS in the Telephone field of the admin interface.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-06-29
CVE-2018-12993
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-06-29
CVE-2018-12994
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-06-29
CVE-2018-12995
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-06-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved