CVE-2018-18375

goform/getProfileList in Orange AirBox Y858FL01.1604 allows attackers to extract APN data name, number, username, and password via the rand parameter...

CVE-2017-18375

Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php...

CVE-2019-18375

The vulnerability CVE-2019-18375 affects Broadcom ASG (Advanced Secure Gateway) and ProxySG management consoles. A remote attacker with access to the appliance management interface can hijack an active session and access the management console with the hijacked user’s privileges. Impact is sessio...

CVE-2017-18375

creationtimestamp| type| source ---|---|--- 2019-05-24 18:53:15+00:00| seen| https://t.me/cvemitreorg/331...

CVE-2017-18375

Ampache 3.8.3 is affected by a vulnerability that allows PHP object instantiation via the files democratic.ajax.php and democratic.class.php. The connected sources consistently state this issue but do not provide technical specifics such as vulnerable functions, versions beyond 3.8.3, root cause ...

CVE-2018-18375

goform/getProfileList in Orange AirBox Y858FL01.1604 allows attackers to extract APN data name, number, username, and password via the rand parameter...

CVE-2018-18375

The Red Hat/ NVD entry describes CVE-2018-18375 affecting Orange AirBox Y858_FL_01.16_04: the function goform/getProfileList can be queried with the rand parameter to extract APN data (name, number, username, password). The connected records confirm the vulnerable endpoint and data exposure but d...