Export limit exceeded: 350771 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350771 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-6000 | 1 Asus | 1 Asuswrt | 2024-11-21 | N/A |
| An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999. | ||||
| CVE-2018-5999 | 1 Asus | 1 Asuswrt | 2024-11-21 | N/A |
| An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails. | ||||
| CVE-2018-5997 | 1 Ravpower | 1 Filehub Firmware | 2024-11-21 | N/A |
| An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root. | ||||
| CVE-2018-5995 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call. | ||||
| CVE-2018-5994 | 1 Joomsky | 1 Js Jobs | 2024-11-21 | N/A |
| SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request. | ||||
| CVE-2018-5993 | 1 Aist Project | 1 Aist | 2024-11-21 | N/A |
| SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request. | ||||
| CVE-2018-5992 | 1 Staff Master Project | 1 Staff Master | 2024-11-21 | N/A |
| SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request. | ||||
| CVE-2018-5991 | 1 Web-dorado | 1 Form Maker | 2024-11-21 | N/A |
| SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798. | ||||
| CVE-2018-5990 | 1 Allvideos Reloaded Project | 1 Allvideos Reloaded | 2024-11-21 | N/A |
| SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter. | ||||
| CVE-2018-5989 | 1 Chillcreations | 1 Ccnewsletter | 2024-11-21 | 9.8 Critical |
| SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099. | ||||
| CVE-2018-5988 | 1 Flexible Poll Project | 1 Flexible Poll | 2024-11-21 | N/A |
| SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php. | ||||
| CVE-2018-5987 | 1 Social Pinboard Project | 1 Social Pinboard | 2024-11-21 | N/A |
| SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action. | ||||
| CVE-2018-5986 | 1 Easycarscript | 1 Easycarscript | 2024-11-21 | 9.8 Critical |
| SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php. | ||||
| CVE-2018-5985 | 1 Livecrm | 1 Livecrm Saas Cloud | 2024-11-21 | N/A |
| SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login&company_id= request. | ||||
| CVE-2018-5984 | 1 Tumder Project | 1 Tumder | 2024-11-21 | N/A |
| SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI. | ||||
| CVE-2018-5983 | 1 Jquickcontact Project | 1 Jquickcontact | 2024-11-21 | N/A |
| SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request. | ||||
| CVE-2018-5982 | 1 Ordasoft | 1 Advertisement Board | 2024-11-21 | N/A |
| SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | ||||
| CVE-2018-5981 | 1 Web-dorado | 1 Gallery Wd | 2024-11-21 | N/A |
| SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | ||||
| CVE-2018-5980 | 1 Solidres | 1 Solidres | 2024-11-21 | N/A |
| SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action. | ||||
| CVE-2018-5979 | 1 Wchat Project | 1 Wchat | 2024-11-21 | N/A |
| SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field. | ||||