Security Vulnerabilities - CVEs Published In September 2018
An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can use master..xp_cmdshell for further privilege escalation.
CVSS Score: 9.8 | EPSS Score: 0.011 | Published: 2018-09-28
An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2018-09-28
Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score: 6.1 | EPSS Score: 0.0 | Published: 2018-09-28
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter.
CVSS Score: 9.8 | EPSS Score: 0.03 | Published: 2018-09-28
SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter.
CVSS Score: 9.8 | EPSS Score: 0.03 | Published: 2018-09-28
CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2018-09-28
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php (one can take control of the application because credentials are present in that config.php file).
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2018-09-28
The Image Import function in XWiki through 10.7 has XSS.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2018-09-28
In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged-in user opens it, the email could cause the browser to load external image or CSS resources.
CVSS Score: 4.3 | EPSS Score: 0.006 | Published: 2018-09-28
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. If the victim accesses the editor, the payload is executed. Furthermore, if the payload is reflected at any other resource that relies on the editor's own sanitisation, the JavaScript payload will be executed in the context of the application. In the worst case, this allows attackers to take over user sessions.
CVSS Score: 6.1 | EPSS Score: 0.001 | Published: 2018-09-28
Shodan ® - All rights reserved