Search
Search Results (341258 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20613 | 1 Temmoku Project | 1 Temmoku | 2024-11-21 | N/A |
| TEMMOKU T1.09 Beta allows admin/user/add CSRF. | ||||
| CVE-2018-20612 | 1 Asthis | 1 Universal Website Asthis | 2024-11-21 | N/A |
| UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF. | ||||
| CVE-2018-20611 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI. | ||||
| CVE-2018-20610 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. | ||||
| CVE-2018-20609 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI. | ||||
| CVE-2018-20608 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. | ||||
| CVE-2018-20607 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI. | ||||
| CVE-2018-20606 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. | ||||
| CVE-2018-20605 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file. | ||||
| CVE-2018-20604 | 1 Lfdycms | 1 Lei Feng Tv Cms | 2024-11-21 | N/A |
| Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html URI to read the 1.txt file. | ||||
| CVE-2018-20603 | 1 Lfdycms | 1 Lei Feng Tv Cms | 2024-11-21 | N/A |
| Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF. | ||||
| CVE-2018-20602 | 1 Lfdycms | 1 Lei Feng Tv Cms | 2024-11-21 | N/A |
| Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI. | ||||
| CVE-2018-20601 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. | ||||
| CVE-2018-20600 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action. | ||||
| CVE-2018-20599 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action. | ||||
| CVE-2018-20598 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| UCMS 1.4.7 has ?do=user_addpost CSRF. | ||||
| CVE-2018-20597 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action. | ||||
| CVE-2018-20596 | 1 Jspxcms | 1 Jspxcms | 2024-11-21 | N/A |
| Jspxcms v9.0.0 allows SSRF. | ||||
| CVE-2018-20595 | 1 Hsweb | 1 Hsweb | 2024-11-21 | N/A |
| A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful. | ||||
| CVE-2018-20594 | 1 Hsweb | 1 Hsweb | 2024-11-21 | N/A |
| An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java. | ||||