» 2018 » 4월

CVE-2018-10085 (cms_made_simple)

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-10085 (cms_made_simple)

CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of libclassesinternalclass.LoginOperations.php. By sending a crafted cookie, a remote attacker can upload and execute code, or delete files.

Source: CVE-2018-10085 (cms_made_simple)

CVE-2018-10081

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-10081

CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.

Source: CVE-2018-10081

CVE-2018-10083 (cms_made_simple)

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-10083 (cms_made_simple)

CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modulesFilePicker does not restrict the val parameter.

Source: CVE-2018-10083 (cms_made_simple)

CVE-2018-10084 (cms_made_simple)

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-10084 (cms_made_simple)

CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechanism can be bypassed.

Source: CVE-2018-10084 (cms_made_simple)

CVE-2018-10082 (cms_made_simple)

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-10082 (cms_made_simple)

CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or /lib/tasks/class.CmsSecurityCheck.task.php.

Source: CVE-2018-10082 (cms_made_simple)

CVE-2018-10080

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-10080

Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.

Source: CVE-2018-10080

CVE-2018-6935

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-6935

PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php.

Source: CVE-2018-6935

CVE-2018-6904

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-6904

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.

Source: CVE-2018-6904

CVE-2018-6934

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-6934

CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3.

Source: CVE-2018-6934

CVE-2018-6903

Posted on 2018년 4월 13일2018년 4월 16일 by admin

CVE-2018-6903

PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.

Source: CVE-2018-6903