Security Vulnerabilities - CVEs Published In June 2018
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.
CVSS Score: 7.8
EPSS Score: 0.021
Published: 2018-06-19
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
CVSS Score: 7.8
EPSS Score: 0.021
Published: 2018-06-19
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.
CVSS Score: 6.5
EPSS Score: 0.005
Published: 2018-06-19
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.
CVSS Score: 9.8
EPSS Score: 0.014
Published: 2018-06-19
Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to traverse the file system to access files or directories via the Web Client webserver.
CVSS Score: 7.5
EPSS Score: 0.534
Published: 2018-06-19
An issue was discovered in AKCMS 6.1. CSRF can add an admin account via a /index.php?file=account&action=manageaccounts&job=newaccount URI.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2018-06-19
An issue was discovered in AKCMS 6.1. CSRF can delete an article via an admincp deleteitem action to index.php.
CVSS Score: 6.5
EPSS Score: 0.001
Published: 2018-06-19
library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session['user_agent'] in the "Login Sessions" feature.
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2018-06-19
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2018-06-19
Python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVSS Score: 6.5
EPSS Score: 0.014
Published: 2018-06-19

