Security Vulnerabilities - CVEs Published In 2018
S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2018-11-01
An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2018-11-01
MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete&delete= with an invalid filename.
CVSS Score: 5.3 | EPSS Score: 0.004 | Published: 2018-11-01
MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2018-11-01
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.
CVSS Score: 9.8 | EPSS Score: 0.012 | Published: 2018-11-01
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2018-11-01
A vulnerability was found in libexif: an integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
CVSS Score: 6.1 | EPSS Score: 0.011 | Published: 2018-10-31
It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.
CVSS Score: 8.8 | EPSS Score: 0.037 | Published: 2018-10-31
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.
CVSS Score: 6.5 | EPSS Score: 0.066 | Published: 2018-10-31
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2018-10-31