Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2018-09-22
Low
Med.
Med.
Med.
Low
Med.
Med.
Med.
Med.
Med.
Med.
Med.
Med.

The latest CVEs

2018-09-23
CVE-2018-17341
BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI.
CVE-2018-17338
An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc.
2018-09-22
CVE-2018-17336
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
CVE-2018-17334
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
CVE-2018-17333
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVE-2018-17332
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVE-2018-17322
Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter.
CVE-2018-17321
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
2018-09-21
CVE-2018-14891
Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability.
CVE-2018-14890
Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console.

Dorks

2018-09-22
Low
StNetwoork 3.0 XsS Vulnerability
"Diseño y Desarrollo CORPORACIÓN M&M"
indoushka
Med.
Pixel2URL Web Design Company Sialkot Pakistan Authentication Bypass Vulnerability
intext:''Powered By PIXEL2URL'' - intext:''Proudly Powered By:Pixel2URL''
KingSkrupellos
Med.
Design and Developed By UNASJEE Authentication Bypass Vulnerability
intext:''Designed & Developed by: UNASJEE'' - intext:''Developed by: UNASJEE''
KingSkrupellos
Med.
Designed by Longtail E-Media Improper Access Control and RFU Vulnerability
intext:''Designed by Longtail E-media'' site:com
AYAR
Low
MyBB Visual Editor Stored XSS <= v1.8.18( CVE-2018-17128 )
intext:"Powered By MyBB"
Numan OZDEMIR

Copyright 2018, cxsecurity.com

 

Back to Top