Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2018
CVE-2018-5860
In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-06-15
CVE-2018-5863
If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-06-15
CVE-2018-12498
spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do=batch request to admincp.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-06-15
CVE-2018-12491
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-06-15
CVE-2018-12492
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-06-15
CVE-2018-12493
An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsWebFile/list.html?path=../ URI.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-06-15
CVE-2018-12494
An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsTemplate/content.html?path=../ URI.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-06-15
CVE-2018-12495
The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
CVSS Score
5.5
EPSS Score
0.005
Published
2018-06-15
CVE-2018-12030
Chevereto Free before 1.0.13 has XSS.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-06-15
CVE-2018-12034
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-06-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved