Lista CVE 2018/25xxx

CVE nel gruppo: 25xxx

CVE-2018-25064 (Clicca per dettagli)

CVE-2018-25065 (OSM Lab show-me-the-way site.js cross site scripting)

CVE-2018-25066 (Wikimedia mediawiki-extensions-I18nTags Unlike Parser I18nTags_body.php cross site scripting)

CVE-2018-25067 (PeterMu nodebatis sql injection)

CVE-2018-25068 (JoomGallery Image Sort default.php sql injection)

CVE-2018-25069 (devent globalpom-utils FileResourceManagerProvider.java createTmpDir temp file)

CVE-2018-25070 (Netis Netcore Router hard-coded password)

CVE-2018-25071 (polterguy Phosphorus Five CSV Import NonQuery.cs csv.Read sql injection)

CVE-2018-25072 (roxlukas LMeve proxy.php insert_log sql injection)

CVE-2018-25073 (lojban jbovlaste listing.html sql injection)

CVE-2018-25074 (Newcomer1989 TSN-Ranksystem bot.php getlog cross site scripting)

CVE-2018-25075 (Prestaul skeemas base.js redos)

CVE-2018-25076 (karsany OBridge ProcedureDao.java getAllStandaloneProcedureAndFunction sql injection)

CVE-2018-25077 (Events Extension events.php searchResults sql injection)

CVE-2018-25078 (melnaron mel-spintax spintax.js redos)

CVE-2018-25079 (Clicca per dettagli)

CVE-2018-25080 (Segmentio is-url index.js redos)

CVE-2018-25081 (MobileDetect Example session_example.php initLayoutType cross site scripting)

CVE-2018-25082 (Clicca per dettagli)

CVE-2018-25083 (zwczou WeChat SDK Python to_xml xml external entity reference)

CVE-2018-25084 (Clicca per dettagli)

CVE-2018-25085 (Ping Identity Self-Service Account Manager SSAMController.java cross site scripting)

CVE-2018-25086 (Responsive Menus Configuration Setting responsive_menus.module responsive_menus_admin_form_submit cross site scripting)

CVE-2018-25087 (sea75300 FanPress CM Template Preview templatepreview.php getArticlesPreview cross site scripting)

CVE-2018-25088 (Arborator Server project.cgi start denial of service)

CVE-2018-25089 (Blue Yonder postgraas_server PostgreSQL Backend postgres_cluster_driver.py create_postgres_db sql injection)

CVE-2018-25090 (glb Meetup Tag Extension Link Attribute reverse tabnabbing)

CVE-2018-25091 (Wago: Improper Neutralization of Input During Web Page Generation in multiple devices)

CVE-2018-25092 (Clicca per dettagli)

CVE-2018-25093 (Vaerys-Dawn DiscordSailv2 Command Mention access control)

CVE-2018-25094 (Vaerys-Dawn DiscordSailv2 Tag access control)

CVE-2018-25095 (ระบบบัญชีออนไลน์ Online Accounting System image.php path traversal)

CVE-2018-25096 (Duplicator < 1.3.0 - Unauthenticated RCE)

CVE-2018-25097 (MdAlAmin-aol Own Health Record logout.php cross-site request forgery)

CVE-2018-25098 (Acumos Design Studio cross site scripting)

CVE-2018-25099 (blockmason credit-protocol UCAC CreditProtocol.sol executeUcacTx denial of service)

CVE-2018-25100 (Clicca per dettagli)

CVE-2018-25101 (Clicca per dettagli)

CVE-2018-25103 (l2c2technologies Koha opac-MARCdetail.pl cross site scripting)

CVE-2018-25104 (Use-after-free vulnerabilities in lighttpd <= 1.4.50)

CVE-2018-25105 (CoinGate Plugin Payment callback.php postProcess logic error)

CVE-2018-25106 (File Manager <= 3.0 - Unauthenticated Arbitrary File Upload/Download)

CVE-2018-25107 (webuidesigning NebulaX Theme Legacy.php nebula_send_to_hubspot sql injection)

CVE-2018-25108 (Clicca per dettagli)

CVE-2018-25109 (WAGO: Denial of service in 750-8xx controller due to uncontrolled resource consumption)