National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 25,891 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2019-6493

SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool.

Published: April 11, 2019; 04:29:00 PM -04:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2018-19202

A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the 'upsetting[bburl]' parameter.

Published: April 11, 2019; 04:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-11078

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI.

Published: April 10, 2019; 10:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-11077

FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI.

Published: April 10, 2019; 10:29:00 PM -04:00
V3: 6.8 MEDIUM
V2: 6.0 MEDIUM
CVE-2019-7174

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations.

Published: April 09, 2019; 02:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-6117

The wpape APE GALLERY plugin 1.6.14 for WordPress has stored XSS via the classGallery.php getCategories function.

Published: April 09, 2019; 02:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-11025

In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2019-11018

application\admin\controller\User.php in ThinkAdmin V4.0 does not prevent continued use of an administrator's cookie-based credentials after a password change.

Published: April 08, 2019; 05:29:01 PM -04:00
V3: 9.8 CRITICAL
V2: 5.0 MEDIUM
CVE-2019-10888

A CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html.

Published: April 05, 2019; 02:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-10867

An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php.

Published: April 04, 2019; 02:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2019-10863

A command injection vulnerability exists in TeemIp versions before 2.4.0. The new_config parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server.

Published: April 04, 2019; 02:29:00 PM -04:00
V3: 7.2 HIGH
V2: 6.5 MEDIUM
CVE-2018-18035

A vulnerability in flashcanvas.swf in OpenEMR before 5.0.1 Patch 6 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.

Published: April 02, 2019; 06:29:00 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-10708

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.

Published: April 02, 2019; 03:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-10707

MKCMS V5.0 has SQL injection via the bplay.php play parameter.

Published: April 02, 2019; 03:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-10692

In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.

Published: April 02, 2019; 02:30:20 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-9759

An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter.

Published: April 02, 2019; 10:29:01 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-6715

pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.

Published: April 01, 2019; 04:29:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10684

Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.

Published: April 01, 2019; 12:29:00 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-10652

An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.

Published: March 30, 2019; 10:29:00 AM -04:00
V3: 7.2 HIGH
V2: 6.5 MEDIUM
CVE-2019-10647

ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if the 192.168.0.1 web server sends the contents of a .php file (i.e., it does not interpret a .php file).

Published: March 30, 2019; 09:29:00 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH