Security Vulnerabilities - CVEs Published In September 2018
SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.
CVSS Score
7.2
EPSS Score
0.03
Published
2018-09-02
An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.
CVSS Score
7.5
EPSS Score
0.009
Published
2018-09-02
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-09-02
admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the administrator account's password.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-09-02
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-09-02
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-09-02
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
CVSS Score
8.8
EPSS Score
0.039
Published
2018-09-02
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.
CVSS Score
8.8
EPSS Score
0.019
Published
2018-09-02
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-09-02
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-01