|
223581
|
5.9 |
MEDIUM
Network
|
openafs
debian
|
openafs
debian_linux
|
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-18603
|
2024-11-21 13:33 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223582
|
7.5 |
HIGH
Network
|
openafs
debian
|
openafs
debian_linux
|
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-18602
|
2024-11-21 13:33 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223583
|
7.5 |
HIGH
Network
|
openafs
|
openafs
|
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2019-18601
|
2024-11-21 13:33 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223584
|
5.5 |
MEDIUM
Local
|
libpod_project
|
libpod
|
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs.…
|
CWE-59
Link Following
|
CVE-2019-18466
|
2024-11-21 13:33 |
2019-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223585
|
9.8 |
CRITICAL
Network
|
clonos
|
clonos
|
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management.
|
CWE-384
Session Fixation
|
CVE-2019-18418
|
2024-11-21 13:33 |
2019-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223586
|
6.1 |
MEDIUM
Network
|
clonos
|
clonos
|
A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18419
|
2024-11-21 13:33 |
2019-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223587
|
8.8 |
HIGH
Network
|
sourcecodester
|
restaurant_management_system
|
Sourcecodester Restaurant Management System 1.0 allows an authenticated attacker to upload arbitrary files that can result in code execution. The issue occurs because the application fails to adequat…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-18417
|
2024-11-21 13:33 |
2019-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223588
|
6.1 |
MEDIUM
Network
|
restaurant_management_system_project
|
restaurant_management_system
|
Sourcecodester Restaurant Management System 1.0 allows XSS via the Last Name field of a member.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18416
|
2024-11-21 13:33 |
2019-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223589
|
6.1 |
MEDIUM
Network
|
restaurant_management_system_project
|
restaurant_management_system
|
Sourcecodester Restaurant Management System 1.0 allows XSS via the "send a message" screen.
|
CWE-79
Cross-site Scripting
|
CVE-2019-18415
|
2024-11-21 13:33 |
2019-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223590
|
8.8 |
HIGH
Network
|
sourcecodester
|
restaurant_management_system
|
Sourcecodester Restaurant Management System 1.0 is affected by an admin/staff-exec.php Cross Site Request Forgery vulnerability due to a lack of CSRF protection. This could lead to an attacker tricki…
|
CWE-352
Origin Validation Error
|
CVE-2019-18414
|
2024-11-21 13:33 |
2019-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
