• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2018-19011

February 26, 2023 by

CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.

CVE-2018-18892

February 26, 2023 by

MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.

CVE-2018-18903

February 26, 2023 by

Vanilla 2.6.x before 2.6.4 allows remote code execution.

CVE-2018-18879

February 26, 2023 by

In firmware version MS_2.6.9900 of Columbia Weather MicroServer, an authenticated web user can pipe commands directly to the underlying operating system as user input is not sanitized in networkdiags.php.

CVE-2018-18835

February 26, 2023 by

upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file.

CVE-2018-18836

February 26, 2023 by

An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 125
  • Go to page 126
  • Go to page 127
  • Go to page 128
  • Go to page 129
  • Interim pages omitted …
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE