CVE-2018-14473
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service.
Source: CVE-2018-14473
CVE-2018-14417
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the ‘recentVersion’ parameter from the snserv endpoint, allowing an unauthenticated attacker to execute arbitrary commands with root permissions.
Source: CVE-2018-14417
CVE-2018-14593
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
Source: CVE-2018-14593
CVE-2018-12483
OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscover_analyser rzo GET parameter is concatenated to a string used in an exec() call in the PHP code. Authentication is needed in order to exploit this vulnerability.
Source: CVE-2018-12483
CVE-2018-12482
OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the issues.
Source: CVE-2018-12482
CVE-2018-14924
Matera Banco 1.0.0 is vulnerable to multiple stored XSS, as demonstrated by the sca/privilegio/consultarUsuario.jsf "Nome Completo" (aka user fullname) field.
Source: CVE-2018-14924
CVE-2018-14926
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request.
Source: CVE-2018-14926
CVE-2018-14925
Matera Banco 1.0.0 mishandles Java errors in the backend, as demonstrated by a stack trace revealing use of net.sf.acegisecurity components.
Source: CVE-2018-14925
CVE-2018-14928
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter.
Source: CVE-2018-14928