Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2018
CVE-2018-19749
DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-11-29
CVE-2018-19750
DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-11-29
CVE-2018-19751
DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-11-29
CVE-2018-19752
DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-11-29
CVE-2018-15537
Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests.
CVSS Score
8.8
EPSS Score
0.023
Published
2018-11-29
CVE-2018-19120
The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-11-29
CVE-2018-19748
app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is very rare in a directory traversal attack vector).
CVSS Score
7.5
EPSS Score
0.004
Published
2018-11-29
CVE-2018-15978
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
7.5
EPSS Score
0.093
Published
2018-11-29
CVE-2018-15979
Adobe Acrobat and Reader versions 2019.008.20080 and earlier, 2017.011.30105 and earlier, and 2015.006.30456 and earlier have a ntlm sso hash theft vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
7.5
EPSS Score
0.023
Published
2018-11-29
CVE-2018-15980
Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
7.5
EPSS Score
0.11
Published
2018-11-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved