Security Vulnerabilities - CVEs Published In September 2018
Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-23
OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter.
CVSS Score
8.1
EPSS Score
0.007
Published
2018-09-23
An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-09-23
An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc.
CVSS Score
7.8
EPSS Score
0.002
Published
2018-09-23
BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI.
CVSS Score
8.1
EPSS Score
0.005
Published
2018-09-23
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVSS Score
9.8
EPSS Score
0.009
Published
2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
CVSS Score
9.8
EPSS Score
0.009
Published
2018-09-22
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
CVSS Score
7.8
EPSS Score
0.004
Published
2018-09-22
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-09-22