| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-7602 | 7.5 |
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability
|
02-07-2024 - 17:41 | 19-07-2018 - 17:29 | |
| CVE-2018-9160 | 5.0 |
SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.
|
03-10-2019 - 00:03 | 31-03-2018 - 21:29 | |
| CVE-2018-8057 | 7.5 |
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channel_name or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php.
|
28-02-2019 - 17:59 | 11-03-2018 - 18:29 | |
| CVE-2007-5089 | 7.5 |
PHP remote file inclusion vulnerability in php-inc/log.inc.php in sk.log 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SKIN_URL parameter.
|
15-10-2018 - 21:40 | 26-09-2007 - 20:17 | |
| CVE-2016-10036 | 7.5 |
Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary
|
13-06-2018 - 14:23 | 01-05-2018 - 19:29 | |
| CVE-2018-10365 | 3.5 |
An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized.
|
05-06-2018 - 18:33 | 01-05-2018 - 16:29 | |
| CVE-2018-10366 | 4.3 |
An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.
|
25-05-2018 - 12:11 | 25-04-2018 - 09:29 |