Security Vulnerabilities
- CVEs Published In 2018
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access.
Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.
Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.
Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access.
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) allows SQL Injection via the main.php searchH parameter.
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file.
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter.
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement.
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter.