NA – CVE-2018-10310 – A persistent cross-site scripting vulnerability…

A persistent cross-site scripting vulnerability has been identified in the web interface of the Catapult UK Cookie Consent plugin before 2.3.10 for WordPress that allows the execution of arbitrary…

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/_vC628MZEsc/detail.php

HackerTor

NA – CVE-2018-10366 – An issue was discovered in the Users (aka…

An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/KISStqWzFho/detail.php

HackerTor

NA – CVE-2018-10367 – An issue was discovered in WUZHI CMS 4.1.0. The…

An issue was discovered in WUZHI CMS 4.1.0. The content-management feature has Stored XSS via the title or content section.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/iV8ByRS_zfo/detail.php

HackerTor

NA – CVE-2018-10372 – process_cu_tu_index in dwarf.c in GNU Binutils…

process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as…

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/BcrzrLCPldE/detail.php

HackerTor

NA – CVE-2018-10368 – An issue was discovered in WUZHI CMS 4.1.0. The…

An issue was discovered in WUZHI CMS 4.1.0. The “Extension Module -> System Announcement" feature has Stored XSS via an announcement.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/Z_0eb_Oqn8c/detail.php

HackerTor

NA – CVE-2018-10373 – concat_filename in dwarf2.c in the Binary File…

concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer…

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/kr0R5T70OyY/detail.php

HackerTor

NA – CVE-2018-10374 – EasyCMS 1.3 has XSS via the s POST parameter…

EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) in an index.php?s=/index/search/index.html request.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/NlJj2M2VH_Y/detail.php

HackerTor

NA – CVE-2018-10375 – A file uploading vulnerability exists in…

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the…

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/z4O2WGKIALA/detail.php

HackerTor

NA – CVE-2018-10376 – An integer overflow in the transferProxy…

An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of…

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/5c348bX5VgY/detail.php

HackerTor

NA – CVE-2018-8801 – GitLab Community and Enterprise Editions…

GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component.

Link: http://feeds.security-database.com/~r/Last100Alerts/~3/sHWaf90I9I8/detail.php