McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting

McAfee ePolicy Orchestrator before 5.10.9 Update 9 is vulnerable to a cross-site scripting vulnerability that allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. reference: -...

CVE-2026-7318 elie mcp-project research_server.py search_papers path traversal

A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function searchpapers of the file researchserver.py. The manipulation of the argument topic results in path traversal. Attacking locally is a requirement. The exploit is now public and may be used. The project was...

CVE-2026-7318

The CVE affects elie mcp-project 0.1.0, specifically the function search_papers in research_server.py. The vulnerability arises from path traversal when manipulating the topic argument. Local access is required for exploitation, and the exploit is publicly available. No remediation or patch detai...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2023-7318:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7318:02 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...

CVE-2013-7318

Cross-site scripting XSS vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter...

EUVD-2020-7318

Malware in sbrugna...

EUVD-2025-29202

Malicious code in bioql PyPI...

CVE-2025-7318 IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7318

CVE-2025-7318 affects IrfanView CADImage Plugin. The vulnerability stems from parsing DWG files where lack of input validation leads to memory corruption, enabling remote code execution in the plugin process. Exploitation requires user interaction (visiting a malicious page or opening a malicious...

CVE-2020-7318

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator ePO prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized...

Linux Distros Unpatched Vulnerability : CVE-2015-7318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses. CVE-2015-7318 Note that Nessus relies on the presence of the package as...

be.jidoka:jdk-keycloak-admin (>=1.2.0 <=2.3.0), br.com.anteros:Anteros-Keycloak (=1.0.0) +1061 more potentially affected by CVE-2024-7318 via org.keycloak:keycloak-core (>=10.0.0 <=24.0.5)

org.keycloak:keycloak-core MAVEN version =10.0.0, =1.2.0, =0.0.8-alpha, =0.0.1-alpha, =1.0.0, =0.2.0, =0.2.0, =0.2.0, =0.5.0, =0.2.0, =0.2.0, =0.5.0, =0.10.0, =0.10.0, =0.5.0, =0.10.5-experimental and more Source cves: CVE-2024-7318 Source advisory: OSV:GHSA-XMMM-JW76-Q7VG...

CVE-2024-7318 vulnerabilities

Vulnerabilities for packages: keycloak-config-cli...

Oracle Linux 9 : kernel (ELSA-2022-7318)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7318 advisory. - lockdown: also lock down previous kgdb use Daniel Thompson Orabug: 34290418 CVE-2022-21499 - ptrace: Check PTRACEOSUSPENDSECCOMP permission on...

CVE-2020-7318

creationtimestamp| type| source ---|---|--- 2020-10-14 22:39:51+00:00| seen| https://t.me/cibsecurity/15273 2020-12-31 18:34:35+00:00| exploited| https://t.me/CyberSecurityTechnologies/2246 2021-03-24 14:20:37+00:00| published-proof-of-concept| https://t.me/reconshell/586 2021-09-21 06:42:55+00:0...

CVE-2020-7318

McAfee ePolicy Orchestrator (ePO) before version 5.10.9 Update 9 is affected by CVE-2020-7318, a cross-site scripting (XSS) vulnerability. The issue arises from multiple parameters not being properly sanitized, allowing an attacker with adjacent access to inject arbitrary web script or HTML in th...

Joomla! CheckList 1.1.1 SQL Injection

Exploit Title: Joomla! Component CheckList 1.1.1 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.joomplace.com/ Software Link: https://extensions.joomla.org/extensions/extension/living/personal-life/checklist/ Version: 1.1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

CVE-2018-7318

SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the titlesearch, tagsearch, namesearch, descriptionsearch, or filterorder parameter...

CVE-2018-7318

SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the titlesearch, tagsearch, namesearch, descriptionsearch, or filterorder parameter...

Joomla! Component CheckList 1.1.1 - SQL Injection

Joomla! Component CheckList 1.1.1 - SQL Injection Exploit Title: Joomla! Component CheckList 1.1.1 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.joomplace.com/ Software Link: https://extensions.joomla.org/extensions/extension/living/personal-life/checklist/ Version: 1.1....