AiOPMSD Final 1
Description
AiOPMSD Final 1
AI Analyst Comment
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17282 vulnerabilities with AI analyst insights
AiOPMSD Final 1
AiOPMSD Final 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AiOPMSD Final 1
AiOPMSD Final 1
---METADATA---
VENDOR: AiOPMSD
PRODUCT: AiOPMSD
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability in AiOPMSD Final 1 could allow for unauthorized access, posing a risk to the application's security.
Executive Summary:
The AiOPMSD application is vulnerable to a high-severity flaw that could lead to unauthorized system access or data compromise.
Vulnerability Details
CVE-ID: CVE-2018-25415
Affected Software: AiOPMSD
Affected Versions: See vendor advisory for affected versions
Vulnerability: The vulnerability in AiOPMSD allows for potential exploitation that could lead to unauthorized actions or access to the application's internal data.
Business Impact
This vulnerability is assigned a CVSS score of 8.2, indicating a high level of risk. Exploitation could lead to unauthorized data access and potential service disruption, impacting the business processes that rely on the AiOPMSD platform.
Remediation Plan
Immediate Action: Apply the latest security updates provided by the vendor for AiOPMSD. Ensure all systems are updated to a version where this vulnerability is mitigated.
Proactive Monitoring: Enhance monitoring of application logs to detect any signs of exploitation or unusual activity.
Compensating Controls: Deploy WAF rules to block malicious traffic patterns and ensure that the application is not exposed to the public internet without adequate protection.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Prompt remediation is necessary to protect against this high-severity threat. Security teams should assess their environment for the presence of the affected software and apply updates as a matter of urgency.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AiOPMSD Final 1
AiOPMSD Final 1
---METADATA---
VENDOR: AiOPMSD
PRODUCT: AiOPMSD
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
AiOPMSD Final 1 is affected by a high-severity vulnerability that requires immediate security attention to prevent potential system compromise.
Executive Summary:
A high-severity vulnerability in AiOPMSD could allow attackers to compromise the integrity and availability of the application.
Vulnerability Details
CVE-ID: CVE-2018-25414
Affected Software: AiOPMSD
Affected Versions: See vendor advisory for affected versions
Vulnerability: This vulnerability affects the AiOPMSD software, potentially allowing an attacker to exploit flaws within the application's design to execute unauthorized actions or access sensitive information.
Business Impact
With a CVSS score of 8.2, this vulnerability represents a high risk to the business. Successful exploitation could result in the compromise of application data, unauthorized access to system resources, and potential operational disruption.
Remediation Plan
Immediate Action: Apply all available security patches or updates for AiOPMSD immediately. Verify the integrity of the installation after applying any updates.
Proactive Monitoring: Implement robust logging and monitoring to detect any suspicious behavior or unauthorized access attempts targeting the AiOPMSD application.
Compensating Controls: Use network-level security measures, such as a WAF or restricted access via VPN, to protect the application from external exploitation attempts.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations should prioritize the remediation of this vulnerability to mitigate the risk of unauthorized access. If patches are not available, evaluate the necessity of the application and consider alternative, more secure solutions.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AiOPMSD Final 1
AiOPMSD Final 1
---METADATA---
VENDOR: AiOPMSD
PRODUCT: AiOPMSD Final
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability has been identified in the AiOPMSD Final software that may expose the system to unauthorized access.
Executive Summary:
The AiOPMSD Final application contains a high-severity vulnerability that could lead to unauthorized system access and potential compromise of host resources.
Vulnerability Details
CVE-ID: CVE-2018-25413
Affected Software: AiOPMSD Final
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the AiOPMSD Final software, potentially allowing an attacker to leverage system-level flaws. The specific attack vector requires further investigation, but the high CVSS rating suggests a significant risk to the host environment.
Business Impact
With a CVSS score of 8.2, this vulnerability is considered a high-risk security event. Organizations relying on this software face risks including unauthorized data access, system disruption, and potential loss of intellectual property if the application is not properly secured.
Remediation Plan
Immediate Action: Check the vendor portal for security updates and apply all available patches to the AiOPMSD Final installation.
Proactive Monitoring: Audit user activity logs and system processes for any unauthorized modifications or anomalous behavior originating from the application.
Compensating Controls: Isolate the application within a restricted network segment to minimize the potential impact of an exploit.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators should prioritize the remediation of this vulnerability. It is essential to ensure that the software is updated and that appropriate access controls are in place to prevent unauthorized exploitation of the reported flaw.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Delta Sql 1.8.2 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via POST requests to docs_upload.php.
Delta Sql 1.8.2 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via POST requests to docs_upload.php.
---METADATA---
VENDOR: Delta
PRODUCT: Sql
AFFECTED_VERSIONS: Delta Sql 1.8.2
---END_METADATA---
Description Summary:
Delta Sql 1.8.2 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via POST requests to docs_upload.php.
Executive Summary:
An unauthenticated arbitrary file upload vulnerability in Delta Sql allows remote attackers to execute malicious code on the server, posing a critical security risk.
Vulnerability Details
CVE-ID: CVE-2018-25412
Affected Software: Delta Sql
Affected Versions: Delta Sql 1.8.2
Vulnerability: This vulnerability involves an insecure file upload mechanism in the docs_upload.php file, which fails to validate user-supplied input. An unauthenticated attacker can upload arbitrary PHP files to the server and execute them, leading to complete remote code execution (RCE).
Business Impact
With a CVSS score of 9.8, this vulnerability represents a critical risk to the confidentiality, integrity, and availability of the host system. Successful exploitation allows an attacker to gain full control over the application server, potentially leading to unauthorized data access, lateral movement within the network, and significant reputational damage.
Remediation Plan
Immediate Action: Update Delta Sql to a version newer than 1.8.2 immediately to mitigate the risk of remote code execution.
Proactive Monitoring: Review web access logs for unusual POST requests directed at docs_upload.php and monitor the server’s upload directory for unauthorized script files.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to block file uploads containing executable extensions (e.g., .php) from untrusted sources.
Exploitation Status
Public Exploit Available: True
Analyst Notes: As of May 30, 2026, public proof-of-concept exploits are available for this vulnerability. Given the ease of exploitation, immediate patching is required to prevent unauthorized system compromise.
Analyst Recommendation
The severity of this flaw, combined with the availability of public exploits, necessitates an emergency patching cycle. Organizations should prioritize updating the affected software to a secure version and perform a thorough security audit of the server to ensure no malicious persistence mechanisms were established prior to patching.
Update Delta Sql to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
MGB OpenSource Guestbook 0
MGB OpenSource Guestbook 0
---METADATA---
VENDOR: MGB
PRODUCT: OpenSource Guestbook
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
MGB OpenSource Guestbook is affected by a high-severity vulnerability that could potentially expose the system to unauthorized access.
Executive Summary:
A high-severity vulnerability in MGB OpenSource Guestbook creates a significant security risk for organizations utilizing this software.
Vulnerability Details
CVE-ID: CVE-2018-25411
Affected Software: MGB OpenSource Guestbook
Affected Versions: See vendor advisory for affected versions
Vulnerability: The software contains a vulnerability that may allow an attacker to gain unauthorized access or influence the behavior of the application, potentially leading to a compromise of the host system.
Business Impact
The CVSS score of 8.2 classifies this as a high-severity risk. Exploitation could lead to unauthorized data access, service disruption, or the potential for further system compromise, directly threatening the business functions supported by this guestbook application.
Remediation Plan
Immediate Action: Update the MGB OpenSource Guestbook to the latest available version provided by the vendor. If updates are unavailable, consider migrating to a more secure and supported guestbook solution.
Proactive Monitoring: Review application and server logs for unusual activity or signs of unauthorized access attempts originating from external or internal sources.
Compensating Controls: Implement strict access control lists and use a WAF to filter malicious traffic directed at the guestbook application.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators should treat this vulnerability with high priority. We recommend updating the affected software immediately or, if support is no longer provided, disabling the application to prevent potential exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SIM-PKH 2
SIM-PKH 2
---METADATA---
VENDOR: HP
PRODUCT: SIM-PKH
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability identified as SIM-PKH 2 affects HP products.
Executive Summary:
A high-severity vulnerability in HP SIM-PKH requires immediate attention to prevent potential system compromise.
Vulnerability Details
CVE-ID: CVE-2018-25409
Affected Software: HP SIM-PKH
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: Details regarding the specific technical mechanism of this vulnerability are limited; however, it is classified as a high-severity issue that could potentially allow for unauthorized system interaction.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a severe risk to the confidentiality and integrity of HP systems. Unauthorized access could result in significant operational disruption or the exposure of sensitive technical data.
Remediation Plan
Immediate Action: Apply all available vendor security updates and patches for the affected HP product immediately.
Proactive Monitoring: Review system access logs for anomalous behavior or unauthorized configuration changes in the SIM-PKH environment.
Compensating Controls: Restrict network access to the affected components using firewall rules to ensure only authorized personnel can interact with the system.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 31, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations utilizing HP SIM-PKH should verify their current patch level against the latest vendor guidance. Given the 8.8 CVSS score, it is imperative to apply security updates as soon as they are made available to mitigate the risk of exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
eNdonesia Portal 8
eNdonesia Portal 8
---METADATA---
VENDOR: eNdonesia
PRODUCT: Portal
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability exists within the eNdonesia Portal 8 software that may allow for unauthorized system interaction.
Executive Summary:
The eNdonesia Portal 8 platform is affected by a high-severity vulnerability that poses a significant risk to the integrity and availability of the portal environment.
Vulnerability Details
CVE-ID: CVE-2018-25407
Affected Software: eNdonesia Portal
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the eNdonesia Portal 8 architecture, potentially allowing an attacker to exploit flaws within the application. Authentication requirements remain unclear, necessitating a cautious approach to perimeter security.
Business Impact
A successful exploitation of this vulnerability could lead to unauthorized access, potential data exfiltration, or service disruption. With a CVSS score of 8.2, this flaw is categorized as High, indicating that it could serve as a critical entry point for malicious actors to compromise organizational infrastructure.
Remediation Plan
Immediate Action: Consult the official vendor security bulletins for the latest patches or configuration hardening guides.
Proactive Monitoring: Review web server access logs for unusual request patterns or attempts to access restricted administrative directories.
Compensating Controls: Deploy a Web Application Firewall (WAF) with updated rulesets to detect and block common exploit payloads targeting web portal vulnerabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, administrators should treat this vulnerability with urgency. Organizations using eNdonesia Portal should verify their current versioning and apply all available security updates immediately to mitigate the risk of unauthorized access.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
eNdonesia Portal 8
eNdonesia Portal 8
---METADATA---
VENDOR: eNdonesia
PRODUCT: Portal
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A legacy vulnerability in eNdonesia Portal 8 allows for potential security compromises within the application environment.
Executive Summary:
A high-severity legacy vulnerability in eNdonesia Portal 8 poses a risk of unauthorized access and system exploitation.
Vulnerability Details
CVE-ID: CVE-2018-25406
Affected Software: eNdonesia Portal
Affected Versions: See vendor advisory for affected versions.
Vulnerability: The vulnerability involves security weaknesses in the eNdonesia Portal 8 application that could be exploited to perform unauthorized operations.
Business Impact
A CVSS score of 8.2 signifies a high risk to the business. Successful exploitation could result in the loss of sensitive data and unauthorized control over the portal's functionality.
Remediation Plan
Immediate Action: Apply the latest security updates or patches available for the eNdonesia Portal.
Proactive Monitoring: Monitor application access logs for irregular activity or unexpected administrative requests.
Compensating Controls: Deploy WAF rules to block known attack patterns and limit access to the portal from untrusted networks.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should treat this legacy vulnerability with urgency. If patches are unavailable, the application should be isolated or replaced to prevent exploitation of the known security flaws.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
eNdonesia Portal 8
eNdonesia Portal 8
---METADATA---
VENDOR: eNdonesia
PRODUCT: Portal
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A legacy vulnerability in eNdonesia Portal 8 has been identified, potentially exposing the application to unauthorized access.
Executive Summary:
A high-severity legacy vulnerability in eNdonesia Portal 8 may allow attackers to compromise the application.
Vulnerability Details
CVE-ID: CVE-2018-25405
Affected Software: eNdonesia Portal
Affected Versions: See vendor advisory for affected versions.
Vulnerability: The vulnerability relates to security flaws in the eNdonesia Portal 8 platform, which could be leveraged to gain unauthorized access or execute unauthorized actions.
Business Impact
The CVSS score of 8.2 indicates a high risk to the confidentiality and integrity of the portal's data. Compromise of the portal could lead to significant reputational damage and loss of sensitive information.
Remediation Plan
Immediate Action: Update the eNdonesia Portal application to the latest version or apply the provided vendor security patches.
Proactive Monitoring: Audit application logs for signs of unauthorized access or malicious input attempts.
Compensating Controls: Use a Web Application Firewall (WAF) to filter out potentially malicious traffic targeting the portal.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations still running eNdonesia Portal 8 should prioritize migrating to a supported version or alternative solution, as legacy platforms are increasingly targeted by attackers.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
HaPe PKH 1
HaPe PKH 1
---METADATA---
VENDOR: HP
PRODUCT: HaPe PKH
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
This advisory concerns a vulnerability affecting the HP HaPe PKH product, for which limited technical information is currently available.
Executive Summary:
A vulnerability identified in HP HaPe PKH necessitates immediate investigation and review of vendor security bulletins to determine the specific risk profile.
Vulnerability Details
CVE-ID: CVE-2018-25388
Affected Software: HP HaPe PKH
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The provided data lacks sufficient technical details to characterize the specific vulnerability mechanism. Users should consult official HP security advisories to understand the nature of the flaw and the required authentication requirements.
Business Impact
With a CVSS score of 8.8, this vulnerability represents a high-risk security event. Organizations utilizing HP HaPe PKH should assume that failure to address this issue could lead to unauthorized system access, data integrity loss, or service disruption.
Remediation Plan
Immediate Action: Monitor official HP support channels and security portals for the release of patches or configuration mitigations.
Proactive Monitoring: Audit logs for unusual administrative activity or unauthorized access attempts directed at the affected HP application.
Compensating Controls: Utilize endpoint protection and network-based intrusion detection systems to monitor for anomalous behavior associated with the affected product.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Due to the sparse information provided in the source data, security teams should prioritize verifying their current software version against the latest vendor-released documentation. Ensure that all affected systems are monitored closely until a formal patch is applied.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Redaxo CMS Mediapool Addon 5
Redaxo CMS Mediapool Addon 5
---METADATA---
VENDOR: Redaxo
PRODUCT: Mediapool Addon
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The Redaxo CMS Mediapool Addon for version 5 is vulnerable to an unspecified security flaw.
Executive Summary:
A high-severity vulnerability in the Redaxo CMS Mediapool Addon for version 5 requires immediate remediation to prevent potential unauthorized access.
Vulnerability Details
CVE-ID: CVE-2018-25353
Affected Software: Redaxo Mediapool Addon
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is a legacy vulnerability affecting the Mediapool Addon for Redaxo CMS. While historical, the high CVSS score indicates that it remains a serious risk if the addon is still in use on legacy systems.
Business Impact
A CVSS score of 8.8 suggests that successful exploitation could lead to significant system compromise. For organizations still running older Redaxo installations, this vulnerability could result in data loss or unauthorized access to media and file management systems.
Remediation Plan
Immediate Action: Update the Redaxo Mediapool Addon to the latest version or migrate away from unsupported versions of the CMS.
Proactive Monitoring: Review file system logs for unauthorized uploads or modifications in the media directory.
Compensating Controls: Isolate the legacy CMS environment and ensure it is not reachable from the public internet if it cannot be updated.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 27, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Legacy software often presents significant security risks. Organizations should prioritize updating or deprecating the Redaxo Mediapool Addon to eliminate this high-severity vulnerability from their infrastructure.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zechat 1
Zechat 1
---METADATA---
VENDOR: Zechat
PRODUCT: Zechat
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A vulnerability exists within Zechat version 1.
Executive Summary:
The Zechat application contains a security vulnerability that requires urgent attention to prevent potential system compromise.
Vulnerability Details
CVE-ID: CVE-2018-25339
Affected Software: Zechat
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects Zechat version 1. The specific technical details regarding the nature of this flaw remain insufficiently documented in the source data, necessitating a review of the vendor's security advisory.
Business Impact
The CVSS score of 8.2 classifies this vulnerability as High-severity. Unauthorized access or exploitation of this flaw could lead to significant business impact, including the compromise of user data and potential service-level disruption. Organizations should treat this as a priority item for remediation.
Remediation Plan
Immediate Action: Upgrade to the latest version of Zechat as recommended by the vendor to resolve the underlying security issue.
Proactive Monitoring: Review application access logs for anomalous behavior and unauthorized access attempts directed at the Zechat platform.
Compensating Controls: If an update is not immediately feasible, deploy a Web Application Firewall (WAF) with rules configured to block common exploit patterns against messaging applications.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the High-severity CVSS score and the age of the vulnerability, it is critical to determine if your organization is running version 1 of Zechat. Immediate patching or migration to a supported version is strongly advised to mitigate the elevated risk to your infrastructure.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zechat 1
Zechat 1
---METADATA---
VENDOR: Infor
PRODUCT: Zechat
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
A vulnerability exists in the Zechat software by Infor. Specific technical details regarding the nature of the flaw are currently limited.
Executive Summary:
The Zechat application by Infor contains a security vulnerability that poses a high risk to organizational data integrity and system availability.
Vulnerability Details
CVE-ID: CVE-2018-25338
Affected Software: Infor Zechat
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability is currently identified as a generic security flaw within the Zechat software. Due to insufficient technical disclosure, the specific authentication requirements and exploit vector remain unconfirmed.
Business Impact
With a CVSS score of 8.2, this vulnerability represents a high-severity risk to the organization. Successful exploitation could lead to unauthorized system access, potential data breaches, or significant service disruption, directly impacting business continuity and operational security.
Remediation Plan
Immediate Action: Consult the official Infor security portal to identify if a patch has been released for your specific deployment.
Proactive Monitoring: Monitor system and application logs for unusual patterns or unauthorized access attempts originating from the Zechat service.
Compensating Controls: Implement strict network segmentation and ensure the application is not exposed directly to the public internet until further details are available.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the high CVSS score, the potential for exploitation is significant, and proactive defense is recommended.
Analyst Recommendation
Given the high severity rating, it is critical to treat this vulnerability as a priority. Security teams should maintain close contact with the vendor for updates and restrict access to the affected software until a formal patch is applied.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via the upload.php e...
WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via the upload.php endpoint.
---METADATA---
VENDOR: WordPress
PRODUCT: Plugin Peugeot
AFFECTED_VERSIONS: 1.0
---END_METADATA---
Description Summary:
WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability allowing unauthenticated remote code execution via the upload.php endpoint.
Executive Summary:
An unauthenticated arbitrary file upload vulnerability in the WordPress Plugin Peugeot Music allows attackers to execute malicious code on the server, posing a critical risk to site integrity.
Vulnerability Details
CVE-ID: CVE-2018-25335
Affected Software: WordPress Plugin Peugeot
Affected Versions: 1.0
Vulnerability: The vulnerability exists in the upload.php endpoint, which fails to properly validate file extensions during the upload process. This allows unauthenticated attackers to upload and execute arbitrary files, including web shells, within the uploads directory.
Business Impact
Successful exploitation of this vulnerability leads to full server compromise, enabling attackers to execute arbitrary code, modify site content, or exfiltrate sensitive database information. Given the CVSS score of 9.8, this flaw represents a maximum-severity risk that could result in total service takeover and significant reputational damage.
Remediation Plan
Immediate Action: Update the WordPress Plugin Peugeot to the latest available version provided by the developer. If no patch exists, disable or remove the plugin immediately to neutralize the vector.
Proactive Monitoring: Review web server access logs for anomalous requests to the upload.php file and scan the /wp-content/uploads/ directory for suspicious script files.
Compensating Controls: Implement a Web Application Firewall (WAF) rule to block POST requests to the upload.php file from unauthorized sources or to restrict file types permitted in the upload directory.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of May 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is critical and requires immediate intervention to prevent unauthorized code execution. Administrators should prioritize patching or removing the plugin, as the lack of authentication makes this an easy target for automated exploitation tools.
Update WordPress Plugin Peugeot to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Nordex N149/4
Nordex N149/4
---METADATA---
VENDOR: Nordex
PRODUCT: N149/4
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
A security vulnerability has been identified in the Nordex N149/4 platform. Specific technical details regarding the exploit vector are currently unavailable.
Executive Summary:
The Nordex N149/4 platform is affected by a high-severity vulnerability that could lead to unauthorized system impact.
Vulnerability Details
CVE-ID: CVE-2018-25333
Affected Software: Nordex N149/4
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability involves an unspecified security weakness in the Nordex N149/4 system. The exact technical nature of the flaw and the necessary authentication level for an attacker are not currently documented.
Business Impact
The CVSS score of 8.2 highlights a high risk of operational impact. If exploited, this vulnerability could compromise the availability or integrity of the N149/4 system, potentially leading to operational downtime or unauthorized access to sensitive control environments.
Remediation Plan
Immediate Action: Verify the status of the affected hardware/software with the manufacturer and apply any available security patches immediately.
Proactive Monitoring: Review system logs for anomalous activity and ensure that all management interfaces for the N149/4 are isolated from untrusted networks.
Compensating Controls: Utilize network-level access controls to limit communication with the affected system to authorized hosts only.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations utilizing the Nordex N149/4 should prioritize assessing their exposure. Until comprehensive technical documentation or a patch is provided, minimize the attack surface by enforcing strict network access controls.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
GitBucket 4.23.1 is vulnerable to unauthenticated remote code execution due to weak secret token generation and insecure file upload handling.
GitBucket 4.23.1 is vulnerable to unauthenticated remote code execution due to weak secret token generation and insecure file upload handling.
---METADATA---
VENDOR: GitBucket
PRODUCT: GitBucket
AFFECTED_VERSIONS: 4.23.1
---END_METADATA---
Description Summary:
GitBucket 4.23.1 is vulnerable to unauthenticated remote code execution due to weak secret token generation and insecure file upload handling.
Executive Summary:
An unauthenticated remote code execution flaw in GitBucket 4.23.1 allows attackers to gain full system control through token brute-forcing and malicious plugin injection.
Vulnerability Details
CVE-ID: CVE-2018-25332
Affected Software: GitBucket GitBucket
Affected Versions: 4.23.1
Vulnerability: The vulnerability stems from weak Blowfish encryption key generation and an insecure git-lfs endpoint. An unauthenticated attacker can brute-force the encryption key, upload a malicious JAR file as a plugin, and trigger execution via an exposed endpoint.
Business Impact
This vulnerability allows an attacker to achieve Remote Code Execution (RCE) with the privileges of the GitBucket service. With a CVSS score of 9.8, the business impact includes complete loss of confidentiality, integrity, and availability, potentially exposing sensitive source code repositories and credentials.
Remediation Plan
Immediate Action: Upgrade to the latest version of GitBucket immediately to secure the secret token generation and the plugin upload mechanism.
Proactive Monitoring: Monitor system logs for unauthorized attempts to access the git-lfs endpoint or unusual plugin installation events.
Compensating Controls: Restrict network access to the GitBucket instance to trusted IP ranges and monitor for brute-force attempts against authentication or encryption keys.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of May 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the severity of this RCE vulnerability, immediate patching is mandatory. Organizations must ensure that their GitBucket deployment is not exposed to the public internet until the update is applied and the environment is verified as secure.
Update GitBucket Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Joomla! extension EkRishta 2
Joomla! extension EkRishta 2
---METADATA---
VENDOR: Joomla
PRODUCT: EkRishta
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability exists in the Joomla extension EkRishta, potentially allowing unauthorized access or control over the affected site.
Executive Summary:
A high-severity vulnerability in the Joomla EkRishta extension requires immediate attention to protect site operations and data integrity.
Vulnerability Details
CVE-ID: CVE-2018-25330
Affected Software: Joomla EkRishta
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability affects the EkRishta extension for the Joomla CMS. While exact details are pending, a CVSS score of 8.2 suggests a high risk of unauthorized access to the application or its underlying data.
Business Impact
An 8.2 CVSS score indicates that successful exploitation could lead to significant unauthorized access, potentially impacting user data or site functionality. For businesses relying on Joomla for their web presence, this poses a risk to both security and brand reputation.
Remediation Plan
Immediate Action: Check the Joomla Extensions Directory for updates to the EkRishta extension and apply them immediately.
Proactive Monitoring: Scan the web server for unauthorized file changes or unusual administrative activity related to the extension.
Compensating Controls: Use a Web Application Firewall (WAF) to filter malicious requests directed at the extension's vulnerable endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Promptly update the EkRishta extension. If a patch is not available, consider disabling the extension until one is provided to minimize exposure to potential threats.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
WordPress Plugin WP with Spritz 1
WordPress Plugin WP with Spritz 1
---METADATA---
VENDOR: WordPress
PRODUCT: WP with Spritz Plugin
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability has been identified in the WordPress plugin "WP with Spritz." The vulnerability requires immediate review and mitigation by site administrators.
Executive Summary:
A high-severity vulnerability in the WordPress WP with Spritz plugin poses a risk of site compromise, requiring immediate updates or removal of the affected component.
Vulnerability Details
CVE-ID: CVE-2018-25329
Affected Software: WordPress WP with Spritz plugin
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the WordPress plugin WP with Spritz. Given the context of WordPress plugin vulnerabilities, it likely involves improper input validation or lack of capability checks, potentially allowing unauthorized actions.
Business Impact
A CVSS score of 7.5 reflects a high risk to the availability and integrity of the WordPress installation. Exploitation could result in unauthorized configuration changes, site defacement, or the injection of malicious content, causing severe reputational damage.
Remediation Plan
Immediate Action: Update the WP with Spritz plugin to the latest version if available; if no update exists, deactivate and uninstall the plugin immediately to remove the attack vector.
Proactive Monitoring: Review WordPress user activity logs and file integrity monitoring reports for any unauthorized changes or suspicious plugin behavior.
Compensating Controls: Use a Web Application Firewall (WAF) with updated rulesets to block common WordPress exploit patterns targeting vulnerable plugins.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
WordPress administrators should audit their installed plugins immediately to determine if this component is present. If the plugin is not essential for business operations, the most effective remediation is the permanent removal of the vulnerable code.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
VX Search 10
VX Search 10
---METADATA---
VENDOR: VX Search
PRODUCT: VX Search
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
A security vulnerability has been identified within the VX Search 10 software. Specific technical details regarding the nature of this flaw are currently limited.
Executive Summary:
The VX Search 10 software contains a security vulnerability that presents a substantial risk to information systems and data security.
Vulnerability Details
CVE-ID: CVE-2018-25328
Affected Software: VX Search 10
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability pertains to an unspecified security flaw within VX Search 10. The lack of detailed technical documentation prevents a definitive assessment of the authentication requirements or the specific attack vector.
Business Impact
With a CVSS score of 8.4, this vulnerability is categorized as high-severity. Successful exploitation could result in significant unauthorized access or system manipulation, posing a serious threat to the confidentiality and integrity of data processed by the application.
Remediation Plan
Immediate Action: Check the official VX Search website or vendor advisory notices for the latest security updates and apply them as soon as they are made available.
Proactive Monitoring: Monitor the application for unexpected behavior, such as unauthorized file access or anomalous system resource consumption.
Compensating Controls: If a patch is not immediately available, restrict access to the VX Search interface to authenticated users on a trusted network segment.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The high CVSS score necessitates immediate attention. Administrators should ensure that the affected software is monitored closely and that security patches are applied as the primary remediation step once released by the vendor.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Google Drive for WordPress 2
Google Drive for WordPress 2
---METADATA---
VENDOR: Google
PRODUCT: Drive for WordPress
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Google Drive for WordPress contains an unspecified security vulnerability that requires immediate attention from system administrators.
Executive Summary:
A high-severity vulnerability has been identified in Google Drive for WordPress, requiring immediate updates to protect the application environment.
Vulnerability Details
CVE-ID: CVE-2018-25326
Affected Software: Google Drive for WordPress
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability details are currently limited, but it is classified as a high-severity flaw. Users are advised to monitor the vendor’s security documentation for specific technical impacts and patch requirements.
Business Impact
With a CVSS score of 7.5, this vulnerability represents a significant risk to site security. Potential impacts include unauthorized access to integrated Google Drive data or service disruption, which could affect business operations and data privacy.
Remediation Plan
Immediate Action: Check the official WordPress plugin repository or the vendor’s website for security updates and apply them immediately.
Proactive Monitoring: Review plugin activity logs for anomalous behavior or unauthorized data access attempts.
Compensating Controls: Ensure the plugin is not exposed to unnecessary permissions and utilize standard web security hardening practices.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should treat this update with urgency. Verify the version currently in use and apply all available security patches to mitigate potential unauthorized access to your cloud storage integrations.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Woocommerce CSV Importer 3
Woocommerce CSV Importer 3
---METADATA---
VENDOR: WooCommerce
PRODUCT: CSV Importer
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
The WooCommerce CSV Importer plugin contains an unspecified vulnerability that may allow for unauthorized data processing or system compromise.
Executive Summary:
A high-severity vulnerability in the WooCommerce CSV Importer plugin poses a significant risk of unauthorized system access or data manipulation.
Vulnerability Details
CVE-ID: CVE-2018-25325
Affected Software: WooCommerce CSV Importer
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability relates to the CSV Importer component; however, specific technical details regarding the authentication requirements and entry point are currently insufficient. Without further disclosure, it must be assumed that the flaw could potentially be exploited by unauthenticated remote attackers.
Business Impact
The CVSS score of 7.5 indicates a high-severity risk that could lead to unauthorized data import or system configuration changes. Successful exploitation could result in the compromise of sensitive e-commerce data, store downtime, or the injection of malicious content into the database, causing severe reputational and financial damage.
Remediation Plan
Immediate Action: Audit all active plugins for the presence of the vulnerable WooCommerce CSV Importer and restrict access to administrative functions until vendor patches are applied.
Proactive Monitoring: Monitor server access logs for unusual POST requests or file upload patterns associated with the CSV Importer functionality.
Compensating Controls: Implement a Web Application Firewall (WAF) rule to filter suspicious incoming traffic targeting CSV import endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, organizations should prioritize identifying if this plugin is currently in use within their production environments. Until a vendor-supplied patch is confirmed and deployed, disable the functionality entirely to eliminate the attack surface.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Allok AVI DivX MPEG to DVD Converter 2
Allok AVI DivX MPEG to DVD Converter 2
---METADATA---
VENDOR: Allok
PRODUCT: AVI DivX MPEG to DVD Converter
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
Allok AVI DivX MPEG to DVD Converter contains a security vulnerability that may allow for arbitrary code execution or system compromise.
Executive Summary:
A critical vulnerability in Allok AVI DivX MPEG to DVD Converter exposes users to potential remote code execution and unauthorized system control.
Vulnerability Details
CVE-ID: CVE-2018-25323
Affected Software: Allok AVI DivX MPEG to DVD Converter
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The software contains an unspecified flaw that, given the high CVSS score of 8.4, likely involves memory corruption or improper handling of input files. The vulnerability can be triggered by processing malicious media files, potentially requiring user interaction to execute.
Business Impact
A CVSS score of 8.4 signifies a critical risk where an attacker could gain elevated privileges or execute arbitrary code on the host system. This could lead to a total compromise of the workstation, including the exfiltration of sensitive local files and the installation of persistent malware.
Remediation Plan
Immediate Action: Cease use of the affected converter software and uninstall it from all workstations until a security-hardened update is provided by the vendor.
Proactive Monitoring: Monitor endpoints for unusual process spawning or unexpected outbound network connections originating from the converter application.
Compensating Controls: Utilize endpoint protection software to scan all media files before processing and restrict the application's network access via host-based firewalls.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Users should treat this vulnerability as critical due to the potential for full system compromise. Remove the application immediately and await official guidance from the vendor before considering re-installation of the software.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Allok Fast AVI MPEG Splitter 1
Allok Fast AVI MPEG Splitter 1
---METADATA---
VENDOR: Allok
PRODUCT: Fast AVI MPEG Splitter
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
The Allok Fast AVI MPEG Splitter application contains a critical vulnerability that may allow for unauthorized system access or code execution.
Executive Summary:
A critical security vulnerability in the Allok Fast AVI MPEG Splitter software presents a significant risk of arbitrary code execution and system exploitation.
Vulnerability Details
CVE-ID: CVE-2018-25322
Affected Software: Allok Fast AVI MPEG Splitter
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The application is susceptible to an unspecified vulnerability that likely involves flawed input validation. With a CVSS score of 8.4, the flaw is severe and could facilitate unauthorized code execution if an attacker provides a specially crafted file to the splitter.
Business Impact
The CVSS score of 8.4 highlights a severe threat to system integrity and confidentiality. Exploitation could allow an attacker to bypass security controls, leading to unauthorized access to local resources, potential data theft, or complete system takeover.
Remediation Plan
Immediate Action: Uninstall the affected software immediately, as no patch is currently verified; do not process untrusted files with this utility.
Proactive Monitoring: Review system logs for signs of application crashes or unusual execution patterns that may indicate a failed or successful attempt at exploitation.
Compensating Controls: Employ application whitelisting and ensure that all media processing tools are run in a restricted or sandboxed environment to prevent lateral movement.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical nature of this vulnerability, immediate uninstallation is the only effective mitigation at this time. Security teams should ensure that all instances of this software are identified and removed from the environment to prevent potential compromise.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ACL Analytics versions 11.x through 13.0.0.579 contain a command execution vulnerability allowing attackers to run arbitrary system commands via the E...
ACL Analytics versions 11.x through 13.0.0.579 contain a command execution vulnerability allowing attackers to run arbitrary system commands via the EXECUTE function.
---METADATA---
VENDOR: ACL Analytics
PRODUCT: ACL Analytics
AFFECTED_VERSIONS: 11.x through 13.0.0.579
---END_METADATA---
Description Summary:
ACL Analytics versions 11.x through 13.0.0.579 contain a command execution vulnerability allowing attackers to run arbitrary system commands via the EXECUTE function.
Executive Summary:
A critical arbitrary code execution vulnerability in ACL Analytics allows attackers to execute system-level commands, leading to full system compromise.
Vulnerability Details
CVE-ID: CVE-2018-25320
Affected Software: ACL Analytics ACL Analytics
Affected Versions: 11.x through 13.0.0.579
Vulnerability: The application improperly handles the EXECUTE function, which can be leveraged by an attacker to invoke external tools like bitsadmin. This allows for the download and execution of malicious PowerShell scripts with elevated system privileges.
Business Impact
The ability to execute commands with system privileges grants an attacker complete control over the host machine. Given the CVSS score of 9.8, the risk of data theft, lateral movement within the network, and the deployment of ransomware is extreme.
Remediation Plan
Immediate Action: Apply the latest security patches provided by the vendor. If an update is not available for a specific version, restrict the use of the EXECUTE function.
Proactive Monitoring: Monitor for unexpected PowerShell activity or the spawning of processes by the ACL Analytics application.
Compensating Controls: Use Endpoint Detection and Response (EDR) solutions to block unauthorized execution of bitsadmin or suspicious PowerShell scripts originating from the application.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of May 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This is a critical vulnerability that provides a direct path to system-level access. Organizations using affected versions of ACL Analytics must prioritize upgrading to a patched version to prevent potential system-wide compromise.
Update ACL Analytics Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Redaxo CMS Addon MyEvents 2
Redaxo CMS Addon MyEvents 2
---METADATA---
VENDOR: Redaxo
PRODUCT: CMS Addon MyEvents 2
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A vulnerability has been identified in the Redaxo CMS Addon MyEvents 2. Specific technical details regarding the exploit vector remain undisclosed.
Executive Summary:
The Redaxo CMS MyEvents 2 addon contains an unspecified vulnerability that poses a high risk to the integrity and availability of the affected content management system.
Vulnerability Details
CVE-ID: CVE-2018-25319
Affected Software: Redaxo CMS Addon MyEvents 2
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability involves an unspecified flaw within the MyEvents 2 addon for Redaxo CMS. Due to the lack of granular technical documentation, the authentication requirements for exploitation cannot be definitively determined.
Business Impact
The vulnerability carries a CVSS score of 7.1, classifying it as High severity. Successful exploitation could lead to unauthorized system access, potential data manipulation, or service disruption within the CMS environment, directly impacting business operations and site security.
Remediation Plan
Immediate Action: Consult the official Redaxo vendor advisory to determine the current patch status and apply all security updates immediately.
Proactive Monitoring: Review web server and CMS access logs for anomalous patterns or unauthorized administrative attempts.
Compensating Controls: Deploy a Web Application Firewall (WAF) with updated rulesets to filter potentially malicious traffic directed at the CMS.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the High severity rating, administrators must prioritize identifying if this addon is deployed within their infrastructure. Verify the version in use against vendor documentation and apply updates as soon as they become available to mitigate the risk of exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Tenda FH303/A300 routers contain a session weakness that allows unauthenticated attackers to modify DNS settings via insufficient cookie validation.
Tenda FH303/A300 routers contain a session weakness that allows unauthenticated attackers to modify DNS settings via insufficient cookie validation.
---METADATA---
VENDOR: Tenda
PRODUCT: FH303/A300
AFFECTED_VERSIONS: V5.07.68_EN
---END_METADATA---
Description Summary:
Tenda FH303/A300 routers contain a session weakness that allows unauthenticated attackers to modify DNS settings via insufficient cookie validation.
Executive Summary:
A critical session vulnerability in Tenda FH303/A300 routers allows unauthenticated remote attackers to modify DNS settings and redirect network traffic.
Vulnerability Details
CVE-ID: CVE-2018-25318
Affected Software: Tenda FH303/A300
Affected Versions: V5.07.68_EN
Vulnerability: The device fails to properly validate cookies during session management, allowing an unauthenticated attacker to manipulate DNS configurations through the '/goform/AdvSetDns' endpoint.
Business Impact
With a CVSS score of 9.8, this vulnerability poses a severe risk to network security, enabling attackers to conduct man-in-the-middle attacks. Users may be silently redirected to malicious websites, leading to compromised credentials and malware infections.
Remediation Plan
Immediate Action: Update the device firmware to the latest version released by Tenda.
Proactive Monitoring: Monitor network traffic for anomalous DNS resolution patterns and verify that DNS settings have not been altered.
Compensating Controls: Restrict administrative access to the router's management interface to local, trusted network segments.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of April 29, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators must prioritize patching this vulnerability to prevent traffic redirection. Where patching is not possible, the device should be isolated or replaced to maintain network integrity.
Update Tenda FH303 to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Tenda wireless routers contain a cookie session weakness allowing unauthenticated attackers to modify DNS settings through insufficient session valida...
Tenda wireless routers contain a cookie session weakness allowing unauthenticated attackers to modify DNS settings through insufficient session validation.
---METADATA---
VENDOR: Tenda
PRODUCT: W3002R/A302/W309R
AFFECTED_VERSIONS: V5.07.64_en
---END_METADATA---
Description Summary:
Tenda wireless routers contain a cookie session weakness allowing unauthenticated attackers to modify DNS settings through insufficient session validation.
Executive Summary:
A critical session validation vulnerability in Tenda wireless routers allows unauthenticated remote attackers to modify DNS settings and redirect user traffic.
Vulnerability Details
CVE-ID: CVE-2018-25317
Affected Software: Tenda W3002R/A302/W309R
Affected Versions: V5.07.64_en
Vulnerability: The device fails to properly validate administrative session cookies, allowing an unauthenticated attacker to send requests to the DNS configuration endpoint and redirect traffic to malicious servers.
Business Impact
With a CVSS score of 9.8, this flaw allows for large-scale man-in-the-middle attacks. Attackers can redirect all traffic from the affected network to malicious sites, facilitating credential harvesting, malware delivery, and data exfiltration.
Remediation Plan
Immediate Action: Update the device firmware to the latest available version provided by the manufacturer.
Proactive Monitoring: Check router DNS settings periodically for unauthorized changes and monitor traffic for suspicious redirects.
Compensating Controls: If a patch is unavailable, disable remote management and restrict access to the administrative interface to local, trusted devices only.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of April 29, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This legacy vulnerability remains a significant risk for affected hardware. Administrators should prioritize upgrading the firmware or replacing the affected hardware if a patch is not available.
Update Tenda W3002R to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Tenda W308R v2 routers contain a cookie session weakness that allows unauthenticated attackers to modify DNS settings by exploiting insufficient sessi...
Tenda W308R v2 routers contain a cookie session weakness that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation.
---METADATA---
VENDOR: Tenda
PRODUCT: W308R v2
AFFECTED_VERSIONS: V5.07.48
---END_METADATA---
Description Summary:
Tenda W308R v2 routers contain a cookie session weakness that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation.
Executive Summary:
A critical session validation vulnerability in Tenda W308R v2 routers allows unauthenticated attackers to modify DNS settings and intercept network traffic.
Vulnerability Details
CVE-ID: CVE-2018-25316
Affected Software: Tenda W308R v2
Affected Versions: V5.07.48
Vulnerability: Insufficient validation of administrative cookies allows unauthenticated users to access the '/goform/AdvSetDns' endpoint and change DNS server configurations.
Business Impact
The CVSS score of 9.8 highlights the severity of this issue, as it permits attackers to perform transparent traffic interception. This can lead to the theft of sensitive data and the deployment of malicious payloads to all connected clients on the network.
Remediation Plan
Immediate Action: Update the router firmware to the most recent version available from the vendor.
Proactive Monitoring: Regularly audit the router configuration for unauthorized DNS changes and monitor logs for unusual access to management endpoints.
Compensating Controls: Disable remote administrative access and ensure that only authorized devices are connected to the network management segment.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of April 29, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability requires immediate attention for any active deployments. Given the potential for traffic redirection, verifying the integrity of the current DNS settings is a critical first step.
Update Tenda W308R v2 to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Alloksoft Video joiner 4
Alloksoft Video joiner 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Allok soft WMV to AVI MPEG DVD WMV Converter 4
Allok soft WMV to AVI MPEG DVD WMV Converter 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
MyBB Recent threads 17
MyBB Recent threads 17
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
BuddyPress Xprofile Custom Fields Type 2
BuddyPress Xprofile Custom Fields Type 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SysGauge Pro 4
SysGauge Pro 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Free Download Manager 2
Free Download Manager 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Allok Video to DVD Burner 2
Allok Video to DVD Burner 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Allok AVI to DVD SVCD VCD Converter 4
Allok AVI to DVD SVCD VCD Converter 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Easy MPEG to DVD Burner 1
Easy MPEG to DVD Burner 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
XATABoost CMS 1
XATABoost CMS 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Prime95 29
Prime95 29
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
CEWE Photoshow 6
CEWE Photoshow 6
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
iSmartViewPro 1
iSmartViewPro 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ELBA5 5.8.0 contains a hardcoded credential and RCE vulnerability, allowing attackers to execute commands with SYSTEM-level privileges.
ELBA5 5.8.0 contains a hardcoded credential and RCE vulnerability, allowing attackers to execute commands with SYSTEM-level privileges.
---METADATA---
VENDOR: ELBA5
PRODUCT: ELBA5
AFFECTED_VERSIONS: 5.8.0
---END_METADATA---
Description Summary:
ELBA5 5.8.0 contains a hardcoded credential and RCE vulnerability, allowing attackers to execute commands with SYSTEM-level privileges.
Executive Summary:
A critical remote code execution vulnerability in ELBA5 allows attackers to gain full system control using default database credentials.
Vulnerability Details
CVE-ID: CVE-2018-25272
Affected Software: ELBA5
Affected Versions: 5.8.0
Vulnerability: The application uses default connector credentials, which can be leveraged to access the database, decrypt administrative passwords, and execute system commands via xp_cmdshell.
Business Impact
This vulnerability provides an attacker with complete control over the host server, including the ability to exfiltrate data, install backdoors, and disrupt operations. The CVSS score of 9.8 reflects the extreme severity of a SYSTEM-level compromise.
Remediation Plan
Immediate Action: Update to the latest version of ELBA5 and change all default database credentials immediately.
Proactive Monitoring: Monitor system logs for the use of xp_cmdshell or the creation of unauthorized database users.
Compensating Controls: Restrict network access to the database and application servers to prevent unauthorized connection attempts using default credentials.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Apr 22, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is exceptionally dangerous due to the use of default credentials. Organizations must ensure that all default passwords are changed and the software is updated to a patched version immediately to mitigate this risk.
Update ELBA5 Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute commands via malicious routing paramet...
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute commands via malicious routing parameters.
---METADATA---
VENDOR: ThinkPHP
PRODUCT: ThinkPHP
AFFECTED_VERSIONS: 5.0.23
---END_METADATA---
Description Summary:
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute commands via malicious routing parameters.
Executive Summary:
An unauthenticated remote code execution vulnerability in ThinkPHP 5.0.23 allows attackers to execute arbitrary system commands, leading to full server compromise.
Vulnerability Details
CVE-ID: CVE-2018-25270
Affected Software: ThinkPHP ThinkPHP
Affected Versions: 5.0.23
Vulnerability: This is an unauthenticated remote code execution vulnerability that occurs because the framework fails to properly sanitize functions invoked through the routing parameter.
Business Impact
As this vulnerability is exploitable by unauthenticated attackers, it represents a significant threat to internet-facing infrastructure. Successful exploitation results in complete system compromise, allowing attackers to install backdoors, steal sensitive data, or use the server as a pivot point for further attacks. The CVSS score of 9.8 reflects the extreme severity and ease of exploitation.
Remediation Plan
Immediate Action: Update to the latest patched version of ThinkPHP provided by the vendor.
Proactive Monitoring: Monitor web server logs for suspicious requests containing function call patterns or unexpected characters in URL parameters.
Compensating Controls: Deploy WAF signatures specifically designed to detect and block ThinkPHP remote code execution attempts.
Exploitation Status
Public Exploit Available: Yes
Analyst Notes: As of Apr 22, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the availability of public exploits and the unauthenticated nature of this vulnerability, immediate remediation is critical. Organizations using ThinkPHP 5.0.23 must update their framework to a secure version to prevent unauthorized remote control of their systems.
Update HP code by to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
LanSpy 2
LanSpy 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
LanSpy 2
LanSpy 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Faleemi Desktop Software 1
Faleemi Desktop Software 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Iperius Backup 5
Iperius Backup 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
MAGIX Music Editor 3
MAGIX Music Editor 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Terminal Services Manager 3
Terminal Services Manager 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: AiOPMSD
PRODUCT: AiOPMSD
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability exists in AiOPMSD Final 1, which could allow for unauthorized system access.
Executive Summary:
AiOPMSD contains a high-severity vulnerability that poses a significant risk to the security and integrity of the application.
Vulnerability Details
CVE-ID: CVE-2018-25416
Affected Software: AiOPMSD
Affected Versions: See vendor advisory for affected versions
Vulnerability: The application contains a flaw that could be leveraged by an attacker to gain unauthorized access or execute commands, potentially compromising the host system.
Business Impact
With a CVSS score of 8.2, this vulnerability represents a high risk. Unauthorized exploitation could result in data loss, system downtime, or reputational damage, all of which directly impact the business.
Remediation Plan
Immediate Action: Update to the latest version of AiOPMSD immediately to remediate the vulnerability. Verify that all security patches have been successfully applied.
Proactive Monitoring: Monitor for suspicious activity or unauthorized access attempts on systems hosting AiOPMSD.
Compensating Controls: Implement network segmentation and use a WAF to provide a layer of virtual patching against potential exploitation.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Due to the high CVSS score, it is crucial that organizations address this vulnerability immediately. Ensure that all systems are patched and that security monitoring is active to detect any potential exploitation attempts.