6 matches found
EUVD-2018-9983
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-18247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter. CVE-2018-18247 Note that Nessus relies on the presence of the package as...
SUSE CVE-2018-18247
Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter...
SUSE CVE-2018-18249
Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...
NoneCMS 跨站请求伪造漏洞
NoneCMS is a simple and compact open-source content management system that can be used to quickly build corporate sites, personal blogs, and support mobile. A cross-site request forgery vulnerability exists in public/index.php/admin/nav/add.html in NoneCMS version 1.3. An attacker can use this...
DEBIAN-CVE-2018-18247
Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter...