Export limit exceeded: 16381 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348484 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348484 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18812 | 1 Tibco | 2 Spotfire Analytics Platform For Aws, Spotfire Server | 2024-11-21 | N/A |
| The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restrict users with read-only access from modifying files stored in the Spotfire Library, only when the Spotfire Library is configured to use external storage. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0, and TIBCO Spotfire Server versions up to and including 7.10.1; 7.11.0; 7.11.1; 7.12.0; 7.13.0; 7.14.0; 10.0.0. | ||||
| CVE-2018-18810 | 1 Tibco | 2 Managed File Transfer Command Center, Managed File Transfer Internet Server | 2024-11-21 | N/A |
| The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center: versions up to and including 7.3.2; 8.0.0; 8.0.1; 8.0.2; 8.1.0, and TIBCO Managed File Transfer Internet Server: versions up to and including 7.3.2; 8.0.0; 8.0.1; 8.0.2; 8.1.0. | ||||
| CVE-2018-18808 | 1 Tibco | 3 Jasperreports Server, Jaspersoft, Jaspersoft Reporting And Analytics | 2024-11-21 | N/A |
| The domain management component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a race-condition vulnerability that may allow any users with domain save privileges to gain superuser privileges. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions up to and including 6.3.4; 6.4.0; 6.4.1; 6.4.2; 6.4.3; 7.1.0, TIBCO JasperReports Server Community Edition: versions up to and including 7.1.0, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.3, TIBCO Jaspersoft for AWS with Multi-Tenancy: versions up to and including 7.1.0, and TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 7.1.0. | ||||
| CVE-2018-18807 | 1 Tibco | 1 Statistica Server | 2024-11-21 | N/A |
| The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Statistica Server versions up to and including 13.4.0. | ||||
| CVE-2018-18806 | 1 School Equipment Monitoring System Project | 1 School Equipment Monitoring System | 2024-11-21 | N/A |
| School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to include/user.vb. | ||||
| CVE-2018-18805 | 1 Pointofsales Project | 1 Pointofsales | 2024-11-21 | 9.8 Critical |
| Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb. | ||||
| CVE-2018-18804 | 1 Bakeshop Inventory System Project | 1 Bakeshop Inventory System | 2024-11-21 | N/A |
| Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb. | ||||
| CVE-2018-18803 | 1 Curriculum Evaluation System Project | 1 Curriculum Evaluation System | 2024-11-21 | N/A |
| Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb. | ||||
| CVE-2018-18802 | 1 Tubigan | 1 Welcome To Our Resort | 2024-11-21 | N/A |
| The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit. | ||||
| CVE-2018-18801 | 1 Bsen Ordering Software Project | 1 Bsen Ordering Software | 2024-11-21 | N/A |
| The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or index.php?q=single-item&id=[SQL]. | ||||
| CVE-2018-18800 | 1 Tubigan | 1 Welcome To Our Resort | 2024-11-21 | N/A |
| The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php. | ||||
| CVE-2018-18799 | 1 School Attendance Monitoring System Project | 1 School Attendance Monitoring System | 2024-11-21 | N/A |
| School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos. | ||||
| CVE-2018-18798 | 1 School Attendance Monitoring System Project | 1 School Attendance Monitoring System | 2024-11-21 | N/A |
| Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view. | ||||
| CVE-2018-18797 | 1 School Attendance Monitoring System Project | 1 School Attendance Monitoring System | 2024-11-21 | N/A |
| School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php. | ||||
| CVE-2018-18796 | 1 Library Management System Project | 1 Library Management System | 2024-11-21 | N/A |
| Library Management System 1.0 has SQL Injection via the "Search for Books" screen. | ||||
| CVE-2018-18795 | 1 School Event Management System Project | 1 School Event Management System | 2024-11-21 | N/A |
| School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter. | ||||
| CVE-2018-18794 | 1 School Event Management System Project | 1 School Event Management System | 2024-11-21 | N/A |
| School Event Management System 1.0 allows CSRF via user/controller.php?action=edit. | ||||
| CVE-2018-18793 | 1 School Event Management System Project | 1 School Event Management System | 2024-11-21 | N/A |
| School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos. | ||||
| CVE-2018-18792 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie. | ||||
| CVE-2018-18791 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie. | ||||