CVE-2018-20010

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field.

Publication date: Mon, 10 Dec 2018 15:29:00 +0000

Cyber News related to CVE-2018-20010

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
54 years ago Tenable.com

Cisco Unified Communications Manager Vulnerability CVE-2023-20010 - Cisco Unified Communications Manager (UCM) is one of the more popular enterprise telephony solutions in the market, and it recently experienced a major security vulnerability (CVE-2023-20010). The attack, dubbed "UCMbleed" by researchers from ...
1 year ago Securityaffairs.com

CVE-2018-20010 - DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field. ...
5 years ago

CVE-2019-20010 - An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. ...
4 years ago

CVE-2016-20010 - EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5. ...
3 years ago

CVE-2022-20010 - In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is ...
2 years ago

CVE-2023-20010 - A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct ...
1 year ago

CVE-2024-20010 - In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ...
10 months ago

CVE-2023-40508 - LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this ...
7 months ago Tenable.com

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0778 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0773 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0772 - Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...
4 years ago

Latest Cyber News

CVE-2024-12884 - 11 hours ago
CVE-2024-51463 - 11 hours ago
CVE-2024-51464 - 11 hours ago
CVE-2024-12883 - 12 hours ago
CVE-2024-12875 - 13 hours ago
CVE-2024-12591 - 15 hours ago
CVE-2024-12408 - 15 hours ago
CVE-2024-12558 - 15 hours ago
CVE-2024-11722 - 15 hours ago
CVE-2024-11688 - 15 hours ago
CVE-2024-10453 - 15 hours ago
CVE-2024-11808 - 16 hours ago
CVE-2024-12588 - 16 hours ago
CVE-2024-9545 - 16 hours ago
CVE-2024-10797 - 16 hours ago
CVE-2024-12262 - 18 hours ago
CVE-2024-12635 - 18 hours ago
CVE-2024-12697 - 18 hours ago
CVE-2024-12721 - 18 hours ago
CVE-2024-12771 - 18 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-12841 - 1 day ago
CVE-2024-37758 - 1 day ago
CVE-2024-55342 - 1 day ago
CVE-2024-12842 - 1 day ago
CVE-2024-12867 - 1 day ago
CVE-2024-55341 - 1 day ago
CVE-2024-56329 - 1 day ago
CVE-2024-56330 - 1 day ago
CVE-2024-56331 - 1 day ago
CVE-2024-56333 - 1 day ago
CVE-2024-12843 - 1 day ago
CVE-2024-12844 - 1 day ago
CVE-2024-40875 - 1 day ago
CVE-2024-55509 - 1 day ago
CVE-2024-56334 - 1 day ago
CVE-2024-56335 - 1 day ago
CVE-2024-56357 - 1 day ago
CVE-2024-56358 - 1 day ago
CVE-2024-56359 - 1 day ago
CVE-2020-13712 - 1 day ago