National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 26,153 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2018-14729

The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.

Published: May 22, 2019; 02:29:00 PM -04:00
V3: 8.8 HIGH
V2: 9.0 HIGH
CVE-2019-12279

Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form).

Published: May 22, 2019; 12:29:01 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-12269

Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.

Published: May 21, 2019; 04:29:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-12190

XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter.

Published: May 21, 2019; 02:29:00 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2019-12251

sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter.

Published: May 21, 2019; 12:29:01 PM -04:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2019-11816

Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.

Published: May 20, 2019; 06:29:00 PM -04:00
V3: 7.2 HIGH
V2: 6.5 MEDIUM
CVE-2019-12241

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php.

Published: May 20, 2019; 04:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-12240

The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php.

Published: May 20, 2019; 04:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-12185

eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.

Published: May 19, 2019; 08:29:00 PM -04:00
V3: 8.8 HIGH
V2: 9.0 HIGH
CVE-2019-12170

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.

Published: May 17, 2019; 06:29:00 PM -04:00
V3: 8.8 HIGH
V2: 9.0 HIGH
CVE-2019-12161

WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168).

Published: May 17, 2019; 03:29:00 PM -04:00
V3: 8.8 HIGH
V2: 4.0 MEDIUM
CVE-2018-17181

An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php.

Published: May 17, 2019; 12:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-17180

An issue was discovered in OpenEMR before 5.0.1 Patch 7. Directory Traversal exists via docid=../ to /portal/lib/download_template.php.

Published: May 17, 2019; 12:29:00 PM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2018-17179

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php.

Published: May 17, 2019; 12:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-8937

HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.

Published: May 17, 2019; 11:29:00 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-8924

XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued.

Published: May 16, 2019; 10:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-10912

In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current user has access to. This is related to symfony/cache and symfony/phpunit-bridge.

Published: May 16, 2019; 06:29:00 PM -04:00
V3: 7.1 HIGH
V2: 6.5 MEDIUM
CVE-2019-10909

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.

Published: May 16, 2019; 06:29:00 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2018-17048

admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows SQL Injection.

Published: May 16, 2019; 11:29:00 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2014-9919

An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php.

Published: May 15, 2019; 10:29:00 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM