Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-17988 7.5
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
19-04-2022 - 15:42 07-03-2019 - 23:29
CVE-2018-2628 7.5
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthe
29-04-2019 - 21:01 19-04-2018 - 02:29
CVE-2018-17440 7.5
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker c
23-11-2018 - 18:50 08-10-2018 - 16:29
CVE-2018-17442 6.5
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code.
23-11-2018 - 15:02 08-10-2018 - 16:29
CVE-2018-17443 4.3
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS.
23-11-2018 - 14:56 08-10-2018 - 16:29
CVE-2018-17441 4.3
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS.
21-11-2018 - 22:05 08-10-2018 - 16:29
CVE-2007-5653 9.3
The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill b
29-09-2017 - 01:29 23-10-2007 - 21:47
Back to Top Mark selected
Back to Top