National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 25,984 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2019-9841

Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL.

Published: April 19, 2019; 03:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-11344

data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute arbitrary code by uploading a .htaccess file that specifies SetHandler x-httpd-php for a .txt file, because only certain PHP-related filename extensions are blocked.

Published: April 19, 2019; 03:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-9161

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a Remote Code Execution issue allowing remote attackers to achieve full access to the system, because shell metacharacters in the nginx_webconsole.php Cookie header can be used to read an etc/config/wac/wns_cfg_admin_detail.xml file containing the admin password. (The password for root is the WebUI admin password concatenated with a static string.)

Published: April 18, 2019; 07:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2019-11332

MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456.

Published: April 18, 2019; 07:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-11035

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

Published: April 18, 2019; 01:29:00 PM -04:00
V3: 9.1 CRITICAL
V2: 6.4 MEDIUM
CVE-2019-11034

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

Published: April 18, 2019; 01:29:00 PM -04:00
V3: 9.1 CRITICAL
V2: 6.4 MEDIUM
CVE-2018-18019

XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter.

Published: April 15, 2019; 05:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-18018

SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.

Published: April 15, 2019; 05:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-18017

XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.

Published: April 15, 2019; 05:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-17584

The WP Fastest Cache plugin 0.8.8.5 for WordPress has CSRF via the wp-admin/admin.php wpfastestcacheoptions page.

Published: April 15, 2019; 04:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-18261

In waimai Super Cms 20150505, there is an XSS vulnerability via the /admin.php/Foodcat/addsave fcname parameter.

Published: April 15, 2019; 08:31:20 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-13137

The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.

Published: April 12, 2019; 02:29:00 PM -04:00
V3: 4.8 MEDIUM
V2: 3.5 LOW
CVE-2019-9056

An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object injection.

Published: April 11, 2019; 04:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2019-6493

SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool.

Published: April 11, 2019; 04:29:00 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2018-19202

A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the 'upsetting[bburl]' parameter.

Published: April 11, 2019; 04:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-11078

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI.

Published: April 10, 2019; 10:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-11077

FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI.

Published: April 10, 2019; 10:29:00 PM -04:00
V3: 6.8 MEDIUM
V2: 6.0 MEDIUM
CVE-2019-7174

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations.

Published: April 09, 2019; 02:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-6117

The wpape APE GALLERY plugin 1.6.14 for WordPress has stored XSS via the classGallery.php getCategories function.

Published: April 09, 2019; 02:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-11025

In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW