CVE-2018-10086 — CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunc... read CVE-2018-10086
Published: April 13, 2018; 01:29:00 AM -04:00

V3: 7.2 HIGH
V2: 6.5 MEDIUM

CVE-2018-10085 — CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php. By sending a crafted cookie, a remote attacker can upload and execute code,... read CVE-2018-10085
Published: April 13, 2018; 01:29:00 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH

CVE-2018-10084 — CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechani... read CVE-2018-10084
Published: April 13, 2018; 01:29:00 AM -04:00

V3: 8.8 HIGH
V2: 6.5 MEDIUM

CVE-2018-10083 — CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict th... read CVE-2018-10083
Published: April 13, 2018; 01:29:00 AM -04:00

V3: 7.5 HIGH
V2: 6.4 MEDIUM

CVE-2018-10082 — CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.tas... read CVE-2018-10082
Published: April 13, 2018; 01:29:00 AM -04:00

V3: 5.3 MEDIUM
V2: 5.0 MEDIUM

CVE-2018-10081 — CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.
Published: April 13, 2018; 01:29:00 AM -04:00

V3: 9.8 CRITICAL
V2: 5.0 MEDIUM

CVE-2018-10061 — Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).
Published: April 12, 2018; 12:29:00 PM -04:00

V3: 5.4 MEDIUM
V2: 3.5 LOW

CVE-2018-10060 — Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php.
Published: April 12, 2018; 12:29:00 PM -04:00

V3: 5.4 MEDIUM
V2: 3.5 LOW

CVE-2018-10059 — Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER['PHP_SELF'] instead of $_SERVER['SCRIPT_NAME'] to determine a page name.
Published: April 12, 2018; 12:29:00 PM -04:00

V3: 5.4 MEDIUM
V2: 3.5 LOW

CVE-2018-10033 — CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata parameter.
Published: April 11, 2018; 03:29:00 PM -04:00

V3: 4.8 MEDIUM
V2: 3.5 LOW

CVE-2018-10032 — CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version parameter.
Published: April 11, 2018; 03:29:00 PM -04:00

V3: 4.8 MEDIUM
V2: 3.5 LOW

CVE-2018-10031 — CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php.
Published: April 11, 2018; 03:29:00 PM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM

CVE-2018-10030 — CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.
Published: April 11, 2018; 03:29:00 PM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM

CVE-2018-10029 — CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799.
Published: April 11, 2018; 03:29:00 PM -04:00

V3: 4.8 MEDIUM
V2: 3.5 LOW

CVE-2018-9925 — An issue was discovered in idreamsoft iCMS through 7.0.7. XSS exists via the nickname field in an admincp.php?app=user&do=save&frame=iPHP request.
Published: April 10, 2018; 02:29:00 AM -04:00

V3: 5.4 MEDIUM
V2: 3.5 LOW

CVE-2018-9924 — An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request.
Published: April 10, 2018; 02:29:00 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH

CVE-2018-9923 — An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF exists in admincp.php, as demonstrated by adding an article via an app=article&do=save&frame=iPHP request.
Published: April 10, 2018; 02:29:00 AM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM

CVE-2018-9922 — An issue was discovered in idreamsoft iCMS through 7.0.7. Physical path leakage exists via an invalid nickname field that reveals a core/library/weixin.class.php pathname.
Published: April 10, 2018; 02:29:00 AM -04:00

V3: 5.3 MEDIUM
V2: 5.0 MEDIUM

CVE-2017-0751 — An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Android kernel. Android ID: A-36591162. References: QC-CR#2045061.
Published: April 05, 2018; 02:29:00 PM -04:00

V3: 5.3 MEDIUM
V2: 4.6 MEDIUM

CVE-2017-0748 — An information disclosure vulnerability in the Qualcomm audio driver. Product: Android. Versions: Android Kernel. Android ID: A-35764875. References: QC-CR#2029798.
Published: April 05, 2018; 02:29:00 PM -04:00

V3: 5.3 MEDIUM
V2: 5.0 MEDIUM