NOTIZIE & EVENTI

SERVIZI

Il servizio raccoglie informazioni relative ad exploit pubblici aggiornati giornalmente attraverso il repository...

Il servizio analizza un log di richieste DNS e identifica se all’interno sono stati risolti dei nomi a dominio che...

Il servizio offre uno strumento semplice e rapido per l'autovalutazione per il calcolo del rischio cibernetico. Il...

Il servizio offre una piattaforma che consente ai Registrar di verificare eventuali problemi di performance e sicurezza...

ULTIMI CVE

Published Description
CVE-2018-17127
17-09-2018 00:29:00
blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.
CVE-2018-17126
17-09-2018 00:29:00
CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to upload\plugins\sys\Install.php.
CVE-2018-17125
17-09-2018 00:29:00
CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring to plugins\sys\admin\Plugins.php.
CVE-2018-17113
17-09-2018 00:29:00
App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf in EasyCMS 1.5 has XSS via the uploadifyID or movieName parameter, a related issue to CVE-2018-9173.
CVE-2018-17108
16-09-2018 19:29:00
The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial configuration of the application.

Pages