News aggregator

CVE-2018-18712

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.
Categories: Security News

CVE-2018-18713

National Vulnerability Database - Mon, 10/29/2018 - 08:29
The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.
Categories: Security News

CVE-2018-18717

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists via the ajax.php?direct=admin&file=autocomplete&query=[XSS] URI.
Categories: Security News

CVE-2018-18718

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer.
Categories: Security News

CVE-2018-18720

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5.
Categories: Security News

CVE-2018-18721

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5.
Categories: Security News

CVE-2018-18722

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS 1.1.5.
Categories: Security News

CVE-2018-18723

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS 1.1.5.
Categories: Security News

CVE-2018-18703

National Vulnerability Database - Mon, 10/29/2018 - 08:29
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter.
Categories: Security News

CVE-2018-18704

National Vulnerability Database - Mon, 10/29/2018 - 08:29
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.
Categories: Security News

CVE-2018-18705

National Vulnerability Database - Mon, 10/29/2018 - 08:29
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
Categories: Security News

CVE-2018-18706

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromDhcpListClient" for a request, it is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18707

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18708

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18709

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "firewallEn" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18710

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.
Categories: Security News

CVE-2018-18711

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
Categories: Security News

CVE-2018-18694

National Vulnerability Database - Mon, 10/29/2018 - 08:29
admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Such a file is interpreted as text/html in certain cases.
Categories: Security News

CVE-2018-18699

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
Categories: Security News

CVE-2018-18700

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
Categories: Security News

Pages