-
CVE-2018-20503
•
published on May 7, 2019
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
-
CVE-2018-20503
•
published on May 7, 2019
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
-
CVE-2018-19456
•
published on May 7, 2019
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql.
-
CVE-2018-19456
•
published on May 7, 2019
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql.
-
CVE-2018-19456
•
published on May 7, 2019
The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql.
-
CVE-2018-14485
•
published on May 7, 2019
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
-
CVE-2018-14485
•
published on May 7, 2019
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
-
CVE-2018-14485
•
published on May 7, 2019
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
-
CVE-2018-14478
•
published on May 7, 2019
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
-
CVE-2018-14478
•
published on May 7, 2019
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
-
CVE-2018-14478
•
published on May 7, 2019
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
-
CVE-2018-13994
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.
-
CVE-2018-13994
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.
-
CVE-2018-13994
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.
-
CVE-2018-13993
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.
-
CVE-2018-13993
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.
-
CVE-2018-13993
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.
-
CVE-2018-13992
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.
-
CVE-2018-13992
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.
-
CVE-2018-13992
•
published on May 7, 2019
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.