Max CVSS 10.0 Min CVSS 6.0 Total Count5
IDCVSSSummaryLast (major) updatePublished
CVE-2018-6928 7.5
PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.
13-02-2018 - 12:29 13-02-2018 - 12:29
CVE-2018-6911 10.0
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
13-02-2018 - 09:29 13-02-2018 - 09:29
CVE-2018-6889 6.5
An issue was discovered in Typesetter 5.1. It suffers from a Host header injection vulnerability, Using this attack, a malicious user can poison the web cache or perform advanced password reset attacks or even trigger arbitrary user re-direction.
11-02-2018 - 22:29 11-02-2018 - 22:29
CVE-2018-6888 6.0
An issue was discovered in Typesetter 5.1. The User Permissions page (aka Admin/Users) suffers from critical flaw of Cross Site Request forgery: using a forged HTTP request, a malicious user can lead a user to unknowingly create / delete or modify a
11-02-2018 - 22:29 11-02-2018 - 22:29
CVE-2018-6892 7.5
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result i
11-02-2018 - 13:29 11-02-2018 - 13:29
Back to Top Mark selected
Back to Top