National Vulnerability Database

Subscribe to National Vulnerability Database feed
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
Updated: 18 hours 46 min ago

CVE-2018-14417

Fri, 08/03/2018 - 21:29
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated attacker to execute arbitrary commands with root permissions.
Categories: Security News

CVE-2018-14473

Fri, 08/03/2018 - 21:29
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service.
Categories: Security News

CVE-2018-14497

Fri, 08/03/2018 - 21:29
Tenda D152 ADSL routers allow XSS via a crafted SSID.
Categories: Security News

CVE-2018-14541

Fri, 08/03/2018 - 21:29
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
Categories: Security News

CVE-2018-14593

Fri, 08/03/2018 - 21:29
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Categories: Security News

CVE-2018-12482

Fri, 08/03/2018 - 21:29
OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.
Categories: Security News

CVE-2018-12483

Fri, 08/03/2018 - 21:29
OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string used in an exec() call in the PHP code. Authentication is needed in order to exploit this vulnerability.
Categories: Security News

CVE-2018-14924

Fri, 08/03/2018 - 17:29
Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" (aka user fullname) field.
Categories: Security News

CVE-2018-14925

Fri, 08/03/2018 - 17:29
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace revealing use of net.sf.acegisecurity components.
Categories: Security News

CVE-2018-14926

Fri, 08/03/2018 - 17:29
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request.
Categories: Security News

CVE-2018-14927

Fri, 08/03/2018 - 17:29
Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to system files outside the default application folder) via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp.
Categories: Security News

CVE-2018-14928

Fri, 08/03/2018 - 17:29
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter.
Categories: Security News

CVE-2018-14929

Fri, 08/03/2018 - 17:29
Matera Banco 1.0.0 is vulnerable to multiple reflected XSS, as demonstrated by the /contingency/web/index.jsp (aka home page) url parameter.
Categories: Security News

CVE-2018-14923

Fri, 08/03/2018 - 16:29
A vulnerability in uniview EZPlayer 1.0.6 could allow an attacker to execute arbitrary code on a targeted system via video playback.
Categories: Security News

CVE-2018-3777

Fri, 08/03/2018 - 16:29
Insufficient URI encoding in restforce before 3.0.0 allows attacker to inject arbitrary parameters into Salesforce API requests.
Categories: Security News

CVE-2018-9866

Fri, 08/03/2018 - 16:29
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier.
Categories: Security News

CVE-2018-14910

Fri, 08/03/2018 - 15:29
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip) to /admin/admin_ip.php (aka /adm1n/admin_ip.php). The code is executed by visiting adm1n/admin_ip.php or data/admin/ip.php. This can also be exploited through CSRF.
Categories: Security News

CVE-2018-14911

Fri, 08/03/2018 - 15:29
A file upload vulnerability exists in ukcms v1.1.7 and earlier. The vulnerability is due to the system not strictly filtering the file upload type. An attacker can exploit the vulnerability to upload a script Trojan to admin.php/admin/configset/index/group/upload.html to gain server control by composing a request for a .txt upload and then changing it to a .php upload. The attacker must have admin access to change the upload_file_ext (aka "Allow upload file suffix") setting, and must use "php,php" in this setting to bypass the "php" restriction.
Categories: Security News

CVE-2018-14912

Fri, 08/03/2018 - 15:29
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
Categories: Security News

CVE-2018-5490

Fri, 08/03/2018 - 15:29
Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release candidates (RCs) are requested to update their systems to the NetApp Data ONTAP 8.3 GA release.
Categories: Security News

Pages