National Vulnerability Database

Search Results

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 26,401 matching records.
Displaying matches 201 through 220.
Columns: Vuln ID, Summary, Published, CVSS Severity (V3 / V2)
CVE-2019-13461

In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_address_invoice parameters are affected by an Insecure Direct Object Reference vulnerability due to a guessable value sent to the web application during checkout. An attacker could leak personal customer information. This is PrestaShop bug #14444.

Published: July 09, 2019; 02:15:11 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-11019

Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08 allows anyone to remotely access all claim details by visiting easily guessable exportpdf/all_claim_detail.php?claim_id= URLs.

Published: July 09, 2019; 12:15:12 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
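CVE-2019-13461 and CVE-2019-11019 are the same defect in two products: a record is fetched by a client-supplied, sequential identifier and nothing checks that the requester is entitled to it (in the second case, nothing even checks that there is a requester). The following is an added example of that pattern beside its fix; it is not PrestaShop's or Dashcom's code, and the table name `record`, its columns, and the session array layout are assumptions made for the illustration. It needs PHP with pdo_sqlite.

```php
<?php
declare(strict_types=1);
// Added illustration of the IDOR / missing-authorization class behind
// CVE-2019-13461 and CVE-2019-11019. Hypothetical schema (assumed, not from
// either project): table record(id_record, id_owner, body).

function db(): PDO
{
    static $pdo = null;
    if ($pdo === null) {
        $pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
        $pdo->exec('CREATE TABLE record (id_record INTEGER PRIMARY KEY, id_owner INTEGER NOT NULL, body TEXT NOT NULL)');
        // Constructed sample rows: two owners, one record each, sequential ids.
        $pdo->exec("INSERT INTO record VALUES (1, 10, 'address of customer 10'), (2, 20, 'address of customer 20')");
    }
    return $pdo;
}

// VULNERABLE: trusts the id from the request. Owner 10 can submit
// id_record=2 (or claim_id=2) and read owner 20's data. Parameterizing the
// query stops SQL injection but does nothing for authorization.
function loadRecordVulnerable(int $idRecord): ?array
{
    $st = db()->prepare('SELECT id_record, id_owner, body FROM record WHERE id_record = ?');
    $st->execute([$idRecord]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// FIXED: the ownership predicate is part of the query and is bound to the
// identity held in the server-side session, never to a client-sent value.
function loadRecordForOwner(int $idRecord, int $idOwnerFromSession): ?array
{
    $st = db()->prepare('SELECT id_record, id_owner, body FROM record WHERE id_record = ? AND id_owner = ?');
    $st->execute([$idRecord, $idOwnerFromSession]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// The export endpoint in CVE-2019-11019 also lacked authentication. Order of
// checks: authenticate, validate the id, then authorize the specific record.
// Returning 404 for both "missing" and "not yours" avoids confirming which
// sequential ids exist. Returns an HTTP status code.
function handleExport(array $session, array $query): int
{
    if (empty($session['id_owner'])) {
        return 401;
    }
    $id = filter_var($query['claim_id'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) {
        return 400;
    }
    return loadRecordForOwner($id, (int) $session['id_owner']) === null ? 404 : 200;
}

// Demonstration with a constructed session: owner 10 asks for record 2,
// which belongs to owner 20.
$sessionOwner10 = ['id_owner' => 10];
var_dump(loadRecordVulnerable(2));
var_dump(loadRecordForOwner(2, 10));
var_dump(handleExport([], ['claim_id' => '2']));
var_dump(handleExport($sessionOwner10, ['claim_id' => '2']));
var_dump(handleExport($sessionOwner10, ['claim_id' => '1']));
```

The point to check in a review is not whether ids are guessable (they always are once they are sequential) but whether every read path joins on the session identity; random identifiers are defence in depth, not the fix.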
CVE-2019-12930

A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() in core/navigation/MENU.php in WIKINDX prior to version 5.8.1 allows remote attackers to inject arbitrary web script or HTML via the method parameter.

Published: July 08, 2019; 04:15:10 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-13414

The Rencontre plugin before 3.1.3 for WordPress allows XSS via inc/rencontre_widget.php.

Published: July 08, 2019; 10:15:10 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-13413

The Rencontre plugin before 3.1.3 for WordPress allows SQL Injection via inc/rencontre_widget.php.

Published: July 08, 2019; 10:15:10 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-13375

A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 in PayAction.class.php, via the passcode parameter of index.php/Pay/passcodeAuth. The vulnerability does not need any authentication.

Published: July 06, 2019; 07:15:10 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-13374

A cross-site scripting (XSS) vulnerability in resource view in PayAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to inject arbitrary web script or HTML via the index.php/Pay/passcodeAuth passcode parameter.

Published: July 06, 2019; 07:15:10 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-13373

An issue was discovered in the D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL.

Published: July 06, 2019; 07:15:10 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-13372

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication.

Published: July 06, 2019; 07:15:10 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
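CVE-2019-13372 describes two separate defects in one login path: a cookie field is used to build PHP source for eval(), and an empty password is accepted. The following is an added example of how such a handler typically looks beside a corrected one; it is hypothetical code, not D-Link's, and the cookie layout (username and password fields, later a session field) and the user arrays are assumptions for the illustration.

```php
<?php
declare(strict_types=1);
// Added illustration of the two defects described for CVE-2019-13372: a
// cookie field reaching eval(), and an empty password passing the login
// check. Hypothetical code, not D-Link's; the cookie layout is assumed.

// VULNERABLE. The username is spliced into PHP source text, so a cookie value
// of the shape   x"; <arbitrary PHP>; $u="   closes the string literal and the
// injected statements run with the web server's privileges. Independently,
// an empty password short-circuits the credential check.
function loginFromCookieVulnerable(array $cookie, array $plaintextUsers): ?string
{
    $name = $cookie['username'] ?? '';
    $pass = $cookie['password'] ?? '';
    eval('$u = "' . $name . '";');                                 // eval injection
    if ($pass == '' || ($plaintextUsers[$u] ?? null) == $pass) {   // empty-password bypass
        return $u;
    }
    return null;
}

// FIXED. Credentials never pass through eval() or any other path that builds
// source text; the username is validated as an identifier, the password is
// checked against a hash, and an empty password is rejected explicitly
// instead of being treated as "skip the check".
function authenticate(string $username, string $password, array $userHashes): ?string
{
    if ($username === '' || $password === '' || !preg_match('/^[A-Za-z0-9_.-]{1,64}$/', $username)) {
        return null;
    }
    $hash = $userHashes[$username] ?? null;
    if ($hash === null || !password_verify($password, $hash)) {
        return null;
    }
    return $username;
}

// After a successful login the browser receives an opaque random token, not
// its username and password. The server maps token -> user on each request,
// so nothing in the cookie is ever interpreted as code or as a credential.
function issueSession(string $username, array &$sessions): string
{
    $token = bin2hex(random_bytes(32));
    $sessions[$token] = $username;
    return $token;
}

function userFromSessionCookie(array $cookie, array $sessions): ?string
{
    $token = $cookie['session'] ?? '';
    return is_string($token) && preg_match('/^[0-9a-f]{64}$/', $token) ? ($sessions[$token] ?? null) : null;
}

// Demonstration with constructed data.
$plaintextUsers = ['admin' => 'correct horse'];
var_dump(loginFromCookieVulnerable(['username' => 'admin', 'password' => ''], $plaintextUsers));

$userHashes = ['admin' => password_hash('correct horse', PASSWORD_DEFAULT)];
var_dump(authenticate('admin', '', $userHashes));
var_dump(authenticate('admin', 'correct horse', $userHashes));

$sessions = [];
$token = issueSession('admin', $sessions);
var_dump(userFromSessionCookie(['session' => $token], $sessions));
var_dump(userFromSessionCookie(['session' => 'not-a-token'], $sessions));
```

When auditing PHP for this class, grep for eval(), create_function(), preg_replace() with the /e modifier, and assert() with string arguments, then trace whether any argument is reachable from $_COOKIE, $_GET or $_POST; a loose comparison (==) in a password check is a separate finding and should be reported on its own.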
CVE-2019-13370

index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator.

Published: July 06, 2019; 06:15:09 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-13358

lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. The attacker must upload a file in the docx or odt format.

Published: July 05, 2019; 05:15:10 PM -04:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
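CVE-2019-13358 is an XXE reached through a document upload: docx and odt files are zip archives whose body is XML, and parsing that XML with entity substitution enabled lets a DTD embedded in the upload pull local files into the extracted text. The following is an added example of the vulnerable parse beside a hardened one; it is not OpenCats' code, uses only the standard ZipArchive and DOMDocument APIs, and constructs its own malicious docx in a temp directory so it runs offline. It needs PHP with the zip and dom extensions.

```php
<?php
declare(strict_types=1);
// Added illustration for CVE-2019-13358: XXE via the XML inside an uploaded
// docx. Hypothetical code, not OpenCats'. The "secret" file and the docx are
// constructed by the script itself.

function buildDocx(string $documentXml): string
{
    $path = tempnam(sys_get_temp_dir(), 'docx');
    $zip = new ZipArchive();
    $zip->open($path, ZipArchive::OVERWRITE);
    $zip->addFromString('word/document.xml', $documentXml);
    $zip->close();
    return $path;
}

function readDocumentXml(string $docxPath): string
{
    $zip = new ZipArchive();
    if ($zip->open($docxPath) !== true) {
        throw new RuntimeException('not a zip archive');
    }
    $xml = $zip->getFromName('word/document.xml');
    $zip->close();
    if ($xml === false) {
        throw new RuntimeException('no word/document.xml in archive');
    }
    return $xml;
}

// VULNERABLE: LIBXML_NOENT substitutes entities, external ones included, so
// the document's text content becomes the contents of the referenced file.
function docxToTextVulnerable(string $docxPath): string
{
    $dom = new DOMDocument();
    $dom->loadXML(readDocumentXml($docxPath), LIBXML_NOENT | LIBXML_DTDLOAD);
    return $dom->textContent;
}

// FIXED: reject any DOCTYPE or ENTITY declaration up front (office XML never
// needs one), never pass LIBXML_NOENT, and forbid network access during the
// parse. Parser errors are collected instead of being printed.
function docxToTextFixed(string $docxPath): string
{
    $xml = readDocumentXml($docxPath);
    if (stripos($xml, '<!DOCTYPE') !== false || stripos($xml, '<!ENTITY') !== false) {
        throw new RuntimeException('DTD not allowed in uploaded document');
    }
    $dom = new DOMDocument();
    $prev = libxml_use_internal_errors(true);
    $ok = $dom->loadXML($xml, LIBXML_NONET | LIBXML_NOERROR | LIBXML_NOWARNING);
    libxml_use_internal_errors($prev);
    if (!$ok) {
        throw new RuntimeException('malformed XML');
    }
    return $dom->textContent;
}

// Constructed sample: a local file the attacker wants, and a docx whose
// document.xml declares an external entity pointing at it.
$secret = tempnam(sys_get_temp_dir(), 'secret');
file_put_contents($secret, 'contents of a local file');
$maliciousXml = sprintf(
    '<?xml version="1.0"?><!DOCTYPE doc [<!ENTITY xxe SYSTEM "file://%s">]><doc>&xxe;</doc>',
    $secret
);
$malicious = buildDocx($maliciousXml);
$benign = buildDocx('<?xml version="1.0"?><doc>ordinary resume text</doc>');

var_dump(docxToTextVulnerable($malicious));
try {
    docxToTextFixed($malicious);
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
var_dump(docxToTextFixed($benign));
```

Two caveats for reviewers: the DOCTYPE string check is a cheap first gate, not the control; the control is the absence of LIBXML_NOENT. And any library the application hands the archive to (a docx-to-text converter, an office-format parser) must be checked for the same flag, because the vulnerable call is rarely in the application's own code.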
CVE-2018-12621

An issue was discovered in Eventum 3.5.0. /htdocs/switch.php has an Open Redirect via the current_page parameter.

Published: July 05, 2019; 01:15:10 PM -04:00
V3: 6.1 MEDIUM
V2: 5.8 MEDIUM
CVE-2019-13344

An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains() function in wp_like_button.php did not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update settings, as demonstrated by the wp-admin/admin.php?page=facebook-like-button each_page_url or code_snippet parameter.

Published: July 05, 2019; 12:15:11 PM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
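CVE-2019-13370 (a cross-site request adds an administrator) and CVE-2019-13344 (a settings handler that never checks who is calling it) are the two gates a state-changing handler must pass before it acts: authorization of the caller, and proof that the request originated from the application's own form rather than another site. The following is an added example in framework-free PHP, not the code of Ignited CMS or the WP Like Button plugin; the session and request arrays are passed in explicitly so it runs without a web server, and the user store is a plain array.

```php
<?php
declare(strict_types=1);
// Added illustration for CVE-2019-13370 (CSRF adds an administrator) and
// CVE-2019-13344 (no authorization check on a settings update). Generic PHP;
// the session/request arrays and the user store are constructed here.

// VULNERABLE: acts on any POST that reaches it. No check that the caller is
// an admin (13344 class), and nothing ties the request to this site's own
// form, so a page on another origin can submit it on a logged-in admin's
// behalf (13370 class).
function addAdminVulnerable(array $post, array &$users): bool
{
    if (!isset($post['username'])) {
        return false;
    }
    $users[$post['username']] = ['role' => 'administrator'];
    return true;
}

// Anti-CSRF token: random, per session, kept server-side and embedded in the
// form. A cross-origin page cannot read the form, so it cannot supply it.
function csrfToken(array &$session): string
{
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

function csrfValid(array $session, array $post): bool
{
    $expected = $session['csrf'] ?? '';
    $given = $post['_token'] ?? '';
    // hash_equals: constant-time comparison; also false when no token exists.
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

// FIXED: authorization first, then CSRF, then input validation, then the
// action. Returns an HTTP status code so the outcome can be inspected.
function addAdminFixed(array $session, array $post, array &$users): int
{
    if (($session['role'] ?? null) !== 'administrator') {
        return 403;
    }
    if (!csrfValid($session, $post)) {
        return 403;
    }
    $name = $post['username'] ?? '';
    if (!is_string($name) || !preg_match('/^[a-z0-9_]{3,32}$/', $name) || isset($users[$name])) {
        return 400;
    }
    $users[$name] = ['role' => 'administrator'];
    return 201;
}

// Demonstration with constructed requests.
$users = [];
addAdminVulnerable(['username' => 'mallory'], $users);   // forged cross-site POST succeeds

$adminSession = ['role' => 'administrator'];
$token = csrfToken($adminSession);
$usersFixed = [];
var_dump(addAdminFixed([], ['username' => 'mallory', '_token' => $token], $usersFixed));           // no session
var_dump(addAdminFixed($adminSession, ['username' => 'mallory'], $usersFixed));                    // no token
var_dump(addAdminFixed($adminSession, ['username' => 'mallory', '_token' => $token], $usersFixed)); // legitimate
var_dump(array_keys($users), array_keys($usersFixed));
```

In a WordPress plugin the same two gates are current_user_can() for the capability and wp_nonce_field() in the form paired with check_admin_referer() in the handler; a handler that relies on being reachable only from an admin menu page, as in the CVE-2019-13344 description, has neither.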
CVE-2019-13341

In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment box), which can be used to get a user's cookie.

Published: July 05, 2019; 11:16:22 AM -04:00
V3: 4.8 MEDIUM
V2: 3.5 LOW
CVE-2019-13340

In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via the content box. An attacker can use it to get a user's cookie. This is different from CVE-2018-10296, CVE-2018-16233, CVE-2018-20520, and CVE-2019-13186.

Published: July 05, 2019; 11:16:22 AM -04:00
V3: 4.8 MEDIUM
V2: 3.5 LOW
CVE-2019-13339

In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php (content box), which can be used to get a user's cookie.

Published: July 05, 2019; 11:16:21 AM -04:00
V3: 4.8 MEDIUM
V2: 3.5 LOW
CVE-2019-13294

AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system.

Published: July 04, 2019; 07:15:10 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2019-13292

A SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a SQL query, with no sanitizing checks.

Published: July 04, 2019; 06:15:10 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
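The CVE-2019-13292 description names a three-step chain: base64-decode, unserialize, concatenate into SQL. Two of those steps are independently dangerous: unserialize() on attacker data instantiates classes before any validation can run, and string-building the query is injection regardless of where the values came from. The following is an added example of the chain beside a corrected version; it is hypothetical code, not webERP's, and the table `payments`, its columns, and the JSON wire format are assumptions for the illustration. It needs PHP with pdo_sqlite.

```php
<?php
declare(strict_types=1);
// Added illustration of the chain described for CVE-2019-13292: base64 ->
// unserialize() -> string-built SQL. Hypothetical code, not webERP's; the
// payments table and field names are assumptions.

function db(): PDO
{
    static $pdo = null;
    if ($pdo === null) {
        $pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
        $pdo->exec('CREATE TABLE payments (id INTEGER PRIMARY KEY, invoice TEXT NOT NULL, amount REAL NOT NULL)');
        // Constructed sample rows.
        $pdo->exec("INSERT INTO payments (invoice, amount) VALUES ('INV-1', 10.0), ('INV-2', 20.0)");
    }
    return $pdo;
}

// VULNERABLE. (a) unserialize() of attacker-controlled bytes can construct
// arbitrary classes (object injection) with their __wakeup/__destruct logic;
// (b) the decoded field is interpolated into the query, so a single quote in
// it closes the literal and the rest of the value becomes SQL.
function paymentsVulnerable(string $b64): array
{
    $data = unserialize(base64_decode($b64));
    $sql = "SELECT id, invoice, amount FROM payments WHERE invoice = '" . $data['invoice'] . "'";
    return db()->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// FIXED. Strict base64, a data-only format, a schema check on every field
// used, and a parameterized query. If the wire format must stay PHP-serialized,
// the minimum is unserialize($raw, ['allowed_classes' => false]), which turns
// any embedded object into __PHP_Incomplete_Class instead of instantiating it.
function paymentsFixed(string $b64): array
{
    $raw = base64_decode($b64, true);
    if ($raw === false) {
        throw new InvalidArgumentException('not base64');
    }
    $data = json_decode($raw, true, 8, JSON_THROW_ON_ERROR);
    if (!is_array($data) || !isset($data['invoice']) || !is_string($data['invoice'])
        || !preg_match('/^INV-\d{1,10}$/', $data['invoice'])) {
        throw new InvalidArgumentException('bad payment record');
    }
    $st = db()->prepare('SELECT id, invoice, amount FROM payments WHERE invoice = ?');
    $st->execute([$data['invoice']]);
    return $st->fetchAll(PDO::FETCH_ASSOC);
}

// Demonstration with constructed payloads. In the first, the quote closes the
// literal and the OR widens the predicate to every row.
$injected = base64_encode(serialize(['invoice' => "x' OR '1'='1"]));
var_dump(paymentsVulnerable($injected));

var_dump(paymentsFixed(base64_encode(json_encode(['invoice' => 'INV-1']))));

try {
    paymentsFixed(base64_encode(json_encode(['invoice' => "x' OR '1'='1"])));
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

Base64 is an encoding, not a protection; when a review finds base64_decode() feeding unserialize(), treat the input as raw attacker bytes and look for both the deserialization sink and whatever the decoded fields flow into afterwards.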
CVE-2019-13291

In Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() in Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Information Disclosure.

Published: July 04, 2019; 06:15:10 PM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-13283

In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.

Published: July 04, 2019; 04:15:10 PM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM