Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2018-09-22
Med.
Low
Med.
Med.
Med.
Med.
Med.
Med.
Med.
Med.
Med.
2018-09-21
Med.
Med.

The latest CVEs

2018-09-22
CVE-2018-17322
Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter.
CVE-2018-17321
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
2018-09-21
CVE-2018-14891
Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability.
CVE-2018-14890
Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console.
CVE-2018-14889
CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability.
CVE-2018-12169
Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.
CVE-2018-17320
An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadmin_aaddpost action.
CVE-2018-17317
FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or domain parameter to /www/script/config_iface.php, or the newSSID, hostapd...
CVE-2018-9282
An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a user's session, or elevate privileges by targeting an a...
CVE-2018-17174
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.

Dorks

2018-09-22
Med.
Designed by Longtail E-Media Improper Access Control and RFU Vulnerability
intext:''Designed by Longtail E-media'' site:com
AYAR
Low
MyBB Visual Editor Stored XSS <= v1.8.18( CVE-2018-17128 )
intext:"Powered By MyBB"
Numan OZDEMIR
Med.
Acelle Email Marketing Web Application v3.0.15 file uploads Vulnerability
". Acelle Email Marketing Application by acellemail.com"
indoushka
Med.
Credits Mediastudio.it Web Hosting SQL Injection Vulnerability
intext:''Credits: Mediastudio''
KingSkrupellos
Med.
Site Created by Frontline Multimedia Design Hosting SQL Injection Vulnerability
intext:''Site Created by FRONTLINE MULTIMEDIA DESIGN''
KingSkrupellos

Copyright 2018, cxsecurity.com

 

Back to Top