Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2018-11-16
Low
Med.
Low
Med.
Low
Med.
Med.
High
High
Med.
Med.
Med.
Med.

The latest CVEs

2018-11-16
CVE-2018-15769
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client, and an Ephemeral or Anony...
CVE-2018-19319
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the super administrator's privileges.
CVE-2018-19318
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account.
CVE-2018-19312
Centreon 3.4.x allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
CVE-2018-19311
Centreon 3.4.x allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.
CVE-2018-18955
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by read...
CVE-2018-18806
School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to include/user.vb.
CVE-2018-18805
PointOfSales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.
CVE-2018-18804
Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.
CVE-2018-18803
Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb.

Dorks

2018-11-13
Med.
Web Portal People LLC 2018 OurClassOnline USA Unauthorized Arbitrary File Insert Vulnerability
intext:''To obtain a site like this for your class visit www.ourclassonline.com.''
KingSkrupellos
Med.
WEBSITE DEVELOPED BY: A R INFOTECH SQL injection
inurl:product-detail.php?id= intext:"WEBSITE DEVELOPED BY: A R INFOTECH"
Mikayil Ilyas
Med.
WEBSITE DEVELOPED BY: A R INFOTECH SQL injection
inurl:product-detail.php?id= intext:"WEBSITE DEVELOPED BY: A R INFOTECH"
Mikayil Ilyas
Med.
Developed By NaiveScripters Noakhali Science and Technology University Bangladesh SQL Injection Vulnerability
intext:''Developed By NaiveScripters'' site:edu.bd
KingSkrupellos
2018-11-12
Med.
Powered By Dimofinf CMS Version 4.0.0 Saudi-Arabia Government Unauthorized Arbitrary Insert File Vulnerability
intext:''Powered by Dimofinf cms Version 4.0.0'' site:gov.sa
KingSkrupellos

Copyright 2018, cxsecurity.com

 

Back to Top