National Vulnerability Database

Search Results

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 25,354 matching records.
Displaying matches 1 through 20.
Vuln ID | Summary | Published | CVSS Severity
CVE-2018-20731

A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php.

Published: January 16, 2019; 09:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2018-20730

A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to execute arbitrary SQL read commands via the query.php component.

Published: January 16, 2019; 09:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2018-20729

A reflected cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via the reg parameter in mh.php.

Published: January 16, 2019; 09:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2018-20728

A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php.

Published: January 16, 2019; 09:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2018-20727

Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to execute code on the server side via the flt parameter to Nodes-Traffic.php, the dv parameter to Devices-Graph.php, or the tit parameter to drawmap.php.

Published: January 16, 2019; 09:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2018-20726

A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.

Published: January 16, 2019; 11:29:00 AM -05:00
CVSS Severity: V3: 5.4 MEDIUM; V2: 3.5 LOW
CVE-2018-20725

A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.

Published: January 16, 2019; 11:29:00 AM -05:00
CVSS Severity: V3: 4.8 MEDIUM; V2: 3.5 LOW
CVE-2018-20724

A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.

Published: January 16, 2019; 11:29:00 AM -05:00
CVSS Severity: V3: 4.8 MEDIUM; V2: 3.5 LOW
CVE-2018-20723

A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.

Published: January 16, 2019; 11:29:00 AM -05:00
CVSS Severity: V3: 4.8 MEDIUM; V2: 3.5 LOW
CVE-2016-10738

Zenbership v107 has CSRF via admin/cp-functions/event-add.php.

Published: January 15, 2019; 11:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2016-10737

Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.

Published: January 15, 2019; 11:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2019-3557

The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as stream_get_line, to trigger an out-of-bounds read when operating on such malformed streams. The implementations were updated to return valid values consistently. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).

Published: January 15, 2019; 05:29:00 PM -05:00
CVSS Severity: (not available)
CVE-2018-20719

In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2018-20718

In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2018-20717

In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to gain Remote Code Execution. This occurs because protection against serialized objects looks for a 0: followed by an integer, but does not consider 0:+ followed by an integer.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2018-20715

The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL injection via the oxid or synchoxid parameter to the oxConfig::getRequestParameter() method in core/oxconfig.php.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2018-20714

The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2017-18357

Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2017-18356

In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WC_Shortcode_Products::get_products() use of cached queries within shortcodes.

Published: January 15, 2019; 11:29:00 AM -05:00
CVSS Severity: (not available)
CVE-2019-6296

Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.

Published: January 15, 2019; 09:29:00 AM -05:00
CVSS Severity: (not available)