Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2018-11-15
Med.
Med.
2018-11-14
Low
Med.
Low
High
High
Med.
High
Med.
High
Low
Med.

The latest CVEs

2018-11-15
CVE-2018-19291
An issue discovered in DiliCMS 2.4.0. There is a CSRF vulnerability that can delete a user or group via an admin/index.php/user/del/1 or admin/index.php/role/del/2 URI.
CVE-2018-19289
An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.
CVE-2018-19288
Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
CVE-2018-19287
XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote Attackers to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter.
CVE-2018-19286
The server in mubu note 2018-11-11 has XSS by configuring an account with a crafted name value (along with an arbitrary username value), and then creating and sharing a note.
CVE-2015-9274
HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.
2018-11-14
CVE-2018-5495
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
CVE-2018-19281
Centreon 3.4.x allows SNMP trap SQL Injection.
CVE-2018-19280
Centreon 3.4.x has XSS via the resource name or macro expression of a poller macro.
CVE-2018-19279
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater.

Dorks

2018-11-13
Med.
Web Portal People LLC 2018 OurClassOnline USA Unauthorized Arbitrary File Insert Vulnerability
intext:''To obtain a site like this for your class visit www.ourclassonline.com.''
KingSkrupellos
Med.
WEBSITE DEVELOPED BY: A R INFOTECH SQL injection
inurl:product-detail.php?id= intext:"WEBSITE DEVELOPED BY: A R INFOTECH"
Mikayil Ilyas
Med.
WEBSITE DEVELOPED BY: A R INFOTECH SQL injection
inurl:product-detail.php?id= intext:"WEBSITE DEVELOPED BY: A R INFOTECH"
Mikayil Ilyas
Med.
Developed By NaiveScripters Noakhali Science and Technology University Bangladesh SQL Injection Vulnerability
intext:''Developed By NaiveScripters'' site:edu.bd
KingSkrupellos
2018-11-12
Med.
Powered By Dimofinf CMS Version 4.0.0 Saudi-Arabia Government Unauthorized Arbitrary Insert File Vulnerability
intext:''Powered by Dimofinf cms Version 4.0.0'' site:gov.sa
KingSkrupellos

Copyright 2018, cxsecurity.com

 

Back to Top