Security Vulnerabilities - CVEs Published In September 2018
An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a random string) is used in the HTTP Host header, the application performs an HTTP request to the specified domain. The response from that request is then included in the application's own response.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-09-05
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-05
e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-05
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-09-05
HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter.
CVSS Score
5.3
EPSS Score
0.007
Published
2018-09-05
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory (/include/logs) using predictable file names, which can lead to full path disclosure and leakage of sensitive data.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-09-05
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.
CVSS Score
5.4
EPSS Score
0.008
Published
2018-09-05
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-09-05
The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.
CVSS Score
9.8
EPSS Score
0.254
Published
2018-09-05
The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of the appliance.
CVSS Score
8.1
EPSS Score
0.01
Published
2018-09-05