National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 122,844 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-14254

An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order to become "Administrator" (for example).

Published: September 18, 2019; 12:15:15 PM -04:00
(not available)
CVE-2019-14253

An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted.

Published: September 18, 2019; 12:15:14 PM -04:00
(not available)
CVE-2019-14252

An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the adminCons.php form. The code is then stored in the E:\PUBLISURE\webservice\webpages\AdminDir\Templates\ folder even if removed from the adminCons.php view (i.e., the rogue PHP file can be hidden).

Published: September 18, 2019; 12:15:14 PM -04:00
(not available)
CVE-2019-15843

A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A man-in-the-middle attacker could write files or read privileged data.

Published: September 18, 2019; 11:15:10 AM -04:00
(not available)
CVE-2018-1847

IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 150946.

Published: September 18, 2019; 11:15:10 AM -04:00
(not available)
CVE-2019-16399

Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.

Published: September 18, 2019; 10:15:11 AM -04:00
(not available)
CVE-2019-16403

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.

Published: September 18, 2019; 08:15:11 AM -04:00
(not available)
CVE-2019-16216

Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cross-site scripting attack on other logged-in users. On a Zulip server using the default local uploads backend, the attack is only effective against browsers lacking support for Content-Security-Policy such as Internet Explorer 11. On a Zulip server using the S3 uploads backend, the attack is confined to the origin of the configured S3 uploads hostname and cannot reach the Zulip server itself.

Published: September 18, 2019; 08:15:10 AM -04:00
(not available)
CVE-2019-16215

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.

Published: September 18, 2019; 08:15:10 AM -04:00
(not available)
CVE-2016-10995

The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php.

Published: September 18, 2019; 08:15:10 AM -04:00
(not available)
CVE-2016-10994

The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter.

Published: September 18, 2019; 08:15:10 AM -04:00
(not available)
CVE-2019-16396

GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() function in cobc/parser.y via crafted COBOL source code.

Published: September 17, 2019; 06:15:11 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-16395

GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() function in cobc/tree.c via crafted COBOL source code.

Published: September 17, 2019; 06:15:11 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-16394

SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-16393

SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 5.8 MEDIUM
CVE-2019-16392

SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-16391

SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php.

Published: September 17, 2019; 05:15:11 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-16199

eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.

Published: September 17, 2019; 05:15:11 PM -04:00
(not available)
CVE-2019-6840

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be executed.

Published: September 17, 2019; 04:15:12 PM -04:00
(not available)
CVE-2019-6839

An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to upload a rogue file.

Published: September 17, 2019; 04:15:12 PM -04:00
(not available)