Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-25 CVE-2018-11470 SQL Injection vulnerability in Iscripts Eswap 2.4
iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel.
network
low complexity
iscripts CWE-89
8.8
8.8
2018-05-25 CVE-2018-6664 Improper Verification of Cryptographic Signature vulnerability in Mcafee Data Loss Prevention Endpoint
Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility.
network
low complexity
mcafee CWE-347
8.8
8.8
2018-05-25 CVE-2018-11445 Cross-Site Request Forgery (CSRF) vulnerability in Easyservice Billing Project Easyservice Billing 1.0
A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0.
network
low complexity
easyservice-billing-project CWE-352
8.8
8.8
2018-05-25 CVE-2018-11442 Cross-Site Request Forgery (CSRF) vulnerability in Easyservice Billing Project Easyservice Billing 1.0
A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation.
network
low complexity
easyservice-billing-project CWE-352
8.8
8.8
2018-05-25 CVE-2018-1137 Improper Input Validation vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-20
8.1
8.1
2018-05-25 CVE-2018-1133 Code Injection vulnerability in Moodle
An issue was discovered in Moodle 3.x.
network
low complexity
moodle CWE-94
8.8
8.8
2018-05-25 CVE-2018-11440 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.
network
low complexity
liblouis canonical opensuse CWE-787
8.8
8.8
2018-05-24 CVE-2018-7407 Incorrect Type Conversion or Cast vulnerability in Foxitsoftware Reader
An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1.
network
low complexity
foxitsoftware CWE-704
8.8
8.8
2018-05-24 CVE-2018-7406 Improper Validation of Array Index vulnerability in Foxitsoftware Reader
An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1.
network
low complexity
foxitsoftware CWE-129
8.8
8.8
2018-05-24 CVE-2018-5680 Out-of-bounds Read vulnerability in Foxitsoftware Reader
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1.
network
low complexity
foxitsoftware CWE-125
8.8
8.8