Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2018
CVE-2018-11541
A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows unauthorised access to privileged content via an unspecified vector. It affects the 1000 and 2000 devices 6.0.x up to Build 446, 6.1.x up to Build 492, and 7.0.x up to Build 485. It affects the SWe Lite devices 6.1.x up to Build 111 and 7.0.x up to Build 140.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-07-09
CVE-2018-11542
A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the execution of arbitrary commands via an unspecified vector. It affects the 1000 and 2000 devices 6.0.x up to Build 446, 6.1.x up to Build 492, and 7.0.x up to Build 485. It affects the SWe Lite devices 6.1.x up to Build 111 and 7.0.x up to Build 140.
CVSS Score
9.8
EPSS Score
0.021
Published
2018-07-09
CVE-2018-11543
A Local File Inclusion (LFI) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the downloading of arbitrary files via an unspecified vector. It affects the 1000 and 2000 devices 6.0.x up to Build 446, 6.1.x up to Build 492, and 7.0.x up to Build 485. It affects the SWe Lite devices 6.1.x up to Build 111 and 7.0.x up to Build 140.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-07-09
CVE-2018-13256
PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-07-09
CVE-2017-16890
SWFTools 0.9.2 has a divide-by-zero error in the wav_convert2mono function in lib/wav.c because the align value may be zero.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-07-09
CVE-2018-13784
PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.
CVSS Score
9.1
EPSS Score
0.506
Published
2018-07-09
CVE-2018-13781
The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-07-09
CVE-2018-13782
The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-07-09
CVE-2018-13783
The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-07-09
CVE-2018-13760
The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-07-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved