Author: Cyberthreat Blog

CVE-2018-18758

Posted by Cyberthreat Blog | Jun 19, 2019 | CVE Notifications |

Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.

CVE-2018-18471

Posted by Cyberthreat Blog | Jun 19, 2019 | CVE Notifications |

/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote command execution as root. It can...

CVE-2018-18757

Posted by Cyberthreat Blog | Jun 19, 2019 | CVE Notifications |

Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758.

CVE-2018-18863

Posted by Cyberthreat Blog | Jun 19, 2019 | CVE Notifications |

NGA ResourceLink 20.0.2.1 allows local file inclusion.

CVE-2018-18406

Posted by Cyberthreat Blog | Jun 19, 2019 | CVE Notifications |

An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the...

1
…
22,290
22,291
22,292
…
27,773