|
3441
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms t…
|
CWE-352
Origin Validation Error
|
CVE-2018-25363
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3442
|
8.2 |
HIGH
Network
|
-
|
-
|
Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can sub…
|
CWE-89
SQL Injection
|
CVE-2018-25364
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3443
|
7.5 |
HIGH
Network
|
-
|
-
|
PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat…
|
CWE-22
Path Traversal
|
CVE-2018-25365
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3444
|
8.4 |
HIGH
Local
|
-
|
-
|
CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25366
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3445
|
6.2 |
MEDIUM
Local
|
-
|
-
|
NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can tri…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25367
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3446
|
7.5 |
HIGH
Network
|
-
|
-
|
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2018-25368
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3447
|
6.2 |
MEDIUM
Local
|
-
|
-
|
Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-25369
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3448
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by exploiting improper origin checking. Attackers can craft malicious H…
|
CWE-352
Origin Validation Error
|
CVE-2018-25370
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3449
|
8.2 |
HIGH
Network
|
-
|
-
|
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality…
|
CWE-89
SQL Injection
|
CVE-2018-25371
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3450
|
8.2 |
HIGH
Network
|
-
|
-
|
MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email param…
|
CWE-89
SQL Injection
|
CVE-2018-25372
|
2026-05-27 04:47 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
