Security Vulnerabilities - CVEs Published In October 2018
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-10-29
admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Such a file is interpreted as text/html in certain cases.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-10-29
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-10-29
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
CVSS Score
5.5
EPSS Score
0.008
Published
2018-10-29
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-10-29
spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-29
ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2018-10-29
ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-10-29
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-10-29
ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status, process-zip-download.php with the request parameter file, or home-log.php with the request parameter action.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-29