cyber·news

CRITICAL

CVE-2018-5778 (CVSS 9.8) — An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injecti...

NVD CVE-2018-5778 3068d ago

CRITICAL

CVE-2018-5777 (CVSS 9.8) — An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Remote clients can t...

NVD CVE-2018-5777 3068d ago

CRITICAL

CVE-2018-5988 (CVSS 9.8) — SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.

NVD CVE-2018-5988 3068d ago

CRITICAL

CVE-2018-5986 (CVSS 9.8) — SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php.

NVD CVE-2018-5986 3068d ago

CRITICAL

CVE-2018-5985 (CVSS 9.8) — SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login&company...

NVD CVE-2018-5985 3068d ago

CRITICAL

CVE-2018-5984 (CVSS 9.8) — SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH...

NVD CVE-2018-5984 3068d ago

CRITICAL

CVE-2018-5979 (CVSS 9.8) — SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field...

NVD CVE-2018-5979 3068d ago

CRITICAL

CVE-2018-5978 (CVSS 9.8) — SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.

NVD CVE-2018-5978 3068d ago

CRITICAL

CVE-2018-5977 (CVSS 9.8) — SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price...

NVD CVE-2018-5977 3068d ago

CRITICAL

CVE-2018-5972 (CVSS 9.8) — SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat par...

NVD CVE-2018-5972 3068d ago

CRITICAL

CVE-2018-5749 (CVSS 9.8) — install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List ...

NVD CVE-2018-5749 3069d ago

CRITICAL

CVE-2018-6000 (CVSS 9.8) — An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in route...

NVD CVE-2018-6000CVE-2018-5999 3069d ago

CRITICAL

CVE-2018-5999 (CVSS 9.8) — An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in route...

NVD CVE-2018-5999 3069d ago

CRITICAL

CVE-2018-5955 (CVSS 9.8) — An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filter...

NVD CVE-2018-5955 3070d ago

CRITICAL

CVE-2018-2697 (CVSS 9.1) — Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl...

NVD CVE-2018-2697 3074d ago

CRITICAL

CVE-2018-2664 (CVSS 9) — Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui...

NVD CVE-2018-2664 3074d ago

CRITICAL

CVE-2018-2656 (CVSS 9.1) — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data ...

NVD CVE-2018-2656 3074d ago

CRITICAL

CVE-2018-2655 (CVSS 9.1) — Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Asse...

NVD CVE-2018-2655 3074d ago

CRITICAL

CVE-2018-2623 (CVSS 9.3) — Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui...

NVD CVE-2018-2623 3074d ago

CRITICAL

CVE-2018-2611 (CVSS 10) — Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Sui...

NVD CVE-2018-2611 3074d ago

CRITICAL

CVE-2018-5195 (CVSS 9.8) — Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote at...

NVD CVE-2018-5195 3075d ago

CRITICAL

CVE-2018-5726 (CVSS 9.8) — MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a cr...

NVD CVE-2018-5726 3075d ago

CRITICAL

CVE-2018-5724 (CVSS 9.8) — MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as dem...

NVD CVE-2018-5724 3075d ago

CRITICAL

CVE-2018-5723 (CVSS 9.8) — MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.

NVD CVE-2018-5723 3075d ago

CRITICAL

CVE-2018-5299 (CVSS 9.8) — A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect S...

NVD CVE-2018-5299 3075d ago

CRITICAL

CVE-2018-5704 (CVSS 9.6) — Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to ...

NVD CVE-2018-5704 3076d ago

CRITICAL

CVE-2018-5703 (CVSS 9.8) — The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows ...

NVD CVE-2018-5703 3076d ago

CRITICAL

CVE-2018-5328 (CVSS 9.8) — ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules...

NVD CVE-2018-5328 3076d ago

CRITICAL

CVE-2018-5696 (CVSS 9.8) — The iJoomla com_adagency plugin 6.0.9 for Joomla! allows SQL injection via the `advertiser_status` a...

NVD CVE-2018-5696 3078d ago

CRITICAL

CVE-2018-5315 (CVSS 9.8) — The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter...

NVD CVE-2018-5315 3080d ago

CRITICAL

CVE-2018-5262 (CVSS 9.8) — A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote ...

NVD CVE-2018-5262 3080d ago

CRITICAL

CVE-2018-5377 (CVSS 9.8) — Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver...

NVD CVE-2018-5377 3080d ago

CRITICAL

CVE-2018-5347 (CVSS 9.8) — Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTe...

NVD CVE-2018-5347 3080d ago

CRITICAL

CVE-2018-5211 (CVSS 9.8) — PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the p...

NVD CVE-2018-5211 3083d ago

CRITICAL

CVE-2018-5267 (CVSS 9.8) — Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct...

NVD CVE-2018-5267 3084d ago

CRITICAL

CVE-2018-5208 (CVSS 9.8) — In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow...

NVD CVE-2018-5208 3086d ago

CRITICAL

CVE-2018-5206 (CVSS 9.8) — When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL...

NVD CVE-2018-5206 3086d ago

CRITICAL

CVE-2018-3813 (CVSS 9.8) — getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control...

NVD CVE-2018-3813 3090d ago

CRITICAL

CVE-2018-3811 (CVSS 9.8) — SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress...

NVD CVE-2018-3811 3091d ago

CRITICAL

CVE-2018-3810 (CVSS 9.8) — Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for W...

NVD CVE-2018-3810 3091d ago

CRITICAL

CVE-2017-7903 (CVSS 9.8) — A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 11...

NVD CVE-2017-7903 3276d ago

CRITICAL

CVE-2017-7898 (CVSS 9.8) — An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automa...

NVD CVE-2017-7898 3276d ago

CRITICAL

CVE-2017-6034 (CVSS 9.8) — An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus...

NVD CVE-2017-6034 3276d ago

CRITICAL

CVE-2016-1908 (CVSS 9.8) — The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding an...

NVD CVE-2016-1908 3356d ago

CRITICAL

CVE-2017-7575 (CVSS 9.8) — Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the applica...

NVD CVE-2017-7575 3360d ago

CRITICAL

CVE-2017-7574 (CVSS 9.8) — Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices...

NVD CVE-2017-7574 3360d ago

CRITICAL

CVE-2016-9369 (CVSS 9.8) — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...

NVD CVE-2016-9369 3412d ago

CRITICAL

CVE-2016-9366 (CVSS 9.8) — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...

NVD CVE-2016-9366 3412d ago

CRITICAL

CVE-2016-9361 (CVSS 9.8) — An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions pr...

NVD CVE-2016-9361 3412d ago

CRITICAL

CVE-2016-9535 (CVSS 9.8) — tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures...

NVD CVE-2016-9535 3496d ago

Prev Page 13 / 18 Next

CRITICAL NVD Wed, 24 Jan 2018 15:29:01 UTC

CVE-2018-5778 (CVSS 9.8) — An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injecti...

https://nvd.nist.gov/vuln/detail/CVE-2018-5778

TL;DR

An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2018-5778

Read full story ↗