National Vulnerability Database

Search Results

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 25,891 matching records.
Displaying matches 181 through 200.
Vuln ID | Summary | CVSS Severity
CVE-2018-19511

wg7.php in Webgalamb 7.0 lacks security measures to prevent CSRF attacks, as demonstrated by wg7.php?options=1 to change the administrator password.

Published: March 21, 2019; 12:00:31 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-19510

subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP request header.

Published: March 21, 2019; 12:00:31 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-19509

wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars() instead of using a templating engine with proper contextual encoding. Because it is possible to insert arbitrary strings into the database, any JavaScript could be executed by the administrator, leading to XSS.

Published: March 21, 2019; 12:00:31 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-19488

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account.

Published: March 21, 2019; 12:00:31 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-19487

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users.

Published: March 21, 2019; 12:00:31 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2018-18845

internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACS_path. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. The product is discontinued.

Published: March 21, 2019; 12:00:29 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-18798

Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view.

Published: March 21, 2019; 12:00:29 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-17996

LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.

Published: March 21, 2019; 12:00:26 PM -04:00
V3: 6.5 MEDIUM
V2: 5.8 MEDIUM
CVE-2018-15818

An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php.

Published: March 21, 2019; 12:00:21 PM -04:00
V3: 7.5 HIGH
V2: 6.4 MEDIUM
CVE-2018-14724

In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.

Published: March 21, 2019; 12:00:20 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2018-14575

Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.

Published: March 21, 2019; 12:00:18 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-20806

Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).

Published: March 17, 2019; 07:32:51 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-9829

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates.

Published: March 14, 2019; 11:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2019-9825

FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature.

Published: March 14, 2019; 06:29:01 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-9787

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.

Published: March 14, 2019; 12:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-9779

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).

Published: March 14, 2019; 05:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-9778

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.

Published: March 14, 2019; 05:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-9777

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.

Published: March 14, 2019; 05:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-9776

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).

Published: March 14, 2019; 05:29:00 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-9775

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.

Published: March 14, 2019; 05:29:00 AM -04:00
V3: 9.1 CRITICAL
V2: 6.4 MEDIUM