Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2018
CVE-2018-18430
An issue was discovered in DESTOON B2B 7.0. admin\setting.inc.php has XSS via the first text box to the admin.php URI.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-10-17
CVE-2018-18431
An issue was discovered in DESTOON B2B 7.0. XSS exists via certain text boxes to the admin.php?moduleid=2&action=add URI.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-10-17
CVE-2018-18432
An issue was discovered in DESTOON B2B 7.0. CSRF exists via the admin.php URI in an action=add request.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-10-17
CVE-2018-18433
An issue was discovered in DESTOON B2B 7.0. admin/category.inc.php has XSS via the category[catname] parameter to the admin.php URI.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-10-17
CVE-2018-18407
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-10-17
CVE-2018-18408
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-17
CVE-2018-18409
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-10-17
CVE-2018-17899
LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.
CVSS Score
8.8
EPSS Score
0.083
Published
2018-10-17
CVE-2018-17901
LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an attacker to execute code under the current process.
CVSS Score
7.8
EPSS Score
0.003
Published
2018-10-17
CVE-2018-17911
LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.
CVSS Score
7.8
EPSS Score
0.007
Published
2018-10-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved