Security Vulnerabilities - CVEs Published In September 2018
An XSS issue was discovered in CremeCRM 1.6.12. It is affected by 10 stored Cross-Site Scripting (XSS) vulnerabilities in the firstname, lastname, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters in the contact creation and modification page. The payload is stored within the application database and allows the execution of JavaScript code each time a client visit an infected page.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-09-07
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Denial of Service can occur through the open HTTP interface, aka KONE-04.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-09-07
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.
CVSS Score
9.8
EPSS Score
0.083
Published
2018-09-07
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. FTP does not require authentication or authorization, aka KONE-03.
CVSS Score
9.1
EPSS Score
0.011
Published
2018-09-07
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02.
CVSS Score
9.1
EPSS Score
0.003
Published
2018-09-07
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum Lottery, an Ethereum gambling game, generates a random value with publicly readable variable "maxTickets" (which is private, yet predictable and readable by the eth.getStorageAt function). Therefore, it allows attackers to always win and get rewards.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-09-07
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
CVSS Score
5.3
EPSS Score
0.371
Published
2018-09-07
The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-09-07
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack.
CVSS Score
8.1
EPSS Score
0.003
Published
2018-09-07
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.
CVSS Score
7.8
EPSS Score
0.003
Published
2018-09-07