CVE-2018-11647
index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.
Source: CVE-2018-11647
[월:] 2018년 06월
CVE-2018-12338
CVE-2018-12338
Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.
Source: CVE-2018-12338
CVE-2018-12336
CVE-2018-12336
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.
Source: CVE-2018-12336
CVE-2018-10969
CVE-2018-10969
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.
Source: CVE-2018-10969
CVE-2018-12335
CVE-2018-12335
Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.
Source: CVE-2018-12335
CVE-2018-12329
CVE-2018-12329
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning.
Source: CVE-2018-12329
CVE-2018-12330
CVE-2018-12330
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware.
Source: CVE-2018-12330
CVE-2018-12331
CVE-2018-12331
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."
Source: CVE-2018-12331
CVE-2018-12332
CVE-2018-12332
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.
Source: CVE-2018-12332
CVE-2018-12333
CVE-2018-12333
Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.
Source: CVE-2018-12333