Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2018
CVE-2018-16453
PHP Scripts Mall Domain Lookup Script 3.0.5 allows XSS in the search bar.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-04
CVE-2018-0503
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
CVSS Score
4.3
EPSS Score
0.004
Published
2018-10-04
CVE-2018-0504
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
CVSS Score
6.5
EPSS Score
0.015
Published
2018-10-04
CVE-2018-0505
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
CVSS Score
6.5
EPSS Score
0.004
Published
2018-10-04
CVE-2018-13258
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-10-04
CVE-2018-17871
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-10-04
CVE-2018-17872
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions.
CVSS Score
8.8
EPSS Score
0.014
Published
2018-10-04
CVE-2018-17876
A Stored XSS vulnerability has been discovered in the v5.5.0 version of the Coaster CMS product.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-04
CVE-2018-1604
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143794.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-10-04
CVE-2018-1670
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive product configuration information from log files. IBM X-Force ID: 144946.
CVSS Score
3.1
EPSS Score
0.002
Published
2018-10-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved