Total
4613 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1999022 | 2 Civicrm, Html Quickform Project | 2 Civicrm, Html Quickform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method, HTML_QuickForm_element's _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15. | |||||
CVE-2018-1999019 | 1 Chamilo | 1 Chamilo Lms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62. | |||||
CVE-2018-18903 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Vanilla 2.6.x before 2.6.4 allows remote code execution. | |||||
CVE-2018-18892 | 1 1234n | 1 Minicms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php. | |||||
CVE-2018-18879 | 1 Columbiaweather | 2 Weather Microserver, Weather Microserver Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php. | |||||
CVE-2018-18836 | 1 My-netdata | 1 Netdata | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c. | |||||
CVE-2018-18835 | 1 Doccms | 1 Doccms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file. | |||||
CVE-2018-18573 | 1 Oscommerce | 1 Oscommerce | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI. | |||||
CVE-2018-18461 | 1 Kibokolabs | 1 Arigato Autoresponder And Newsletter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php. | |||||
CVE-2018-18426 | 1 S-cms | 1 S-cms | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
s-cms 3.0 allows remote attackers to execute arbitrary PHP code by placing this code in a crafted User-agent Disallow value in the robots.php txt parameter. | |||||
CVE-2018-18319 | 1 Asuswrt-merlin Project | 28 Rt-ac1900, Rt-ac1900 Firmware, Rt-ac2900 and 25 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution. | |||||
CVE-2018-18258 | 1 Bagesoft | 1 Bagecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI. | |||||
CVE-2018-18249 | 1 Icinga | 1 Icinga Web 2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet. | |||||
CVE-2018-18083 | 1 Comsenz | 1 Duomicms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing. | |||||
CVE-2018-17827 | 1 Hisiphp | 1 Hisiphp | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
HisiPHP 1.0.8 allows remote attackers to execute arbitrary PHP code by editing a plugin's name to contain that code. This name is then injected into app/admin/model/AdminPlugins.php. | |||||
CVE-2018-17364 | 1 Otcms | 1 Otcms | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter. | |||||
CVE-2018-17207 | 1 Snapcreek | 1 Duplicator | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution. | |||||
CVE-2018-17173 | 1 Lg | 1 Supersign Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | |||||
CVE-2018-17170 | 1 Teamwire | 1 Teamwire | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
Grouptime Teamwire Desktop Client 1.5.1 prior to 1.9.0 on Windows allows code injection via a template, leading to remote code execution. All backend versions prior to prod-2018-11-13-15-00-42 are affected. | |||||
CVE-2018-17134 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfg_author field in conjunction with a crafted cfg_webpath field. |