2018 CVE Vulnerabilities
17,817 CVEs published in 2018.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2018-25407 | HIGH | 8.8 | 0.3% | May 30, 2026 | eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arb... |
| CVE-2018-25406 | HIGH | 8.8 | 0.3% | May 30, 2026 | eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arb... |
| CVE-2018-25405 | HIGH | 8.8 | 0.3% | May 30, 2026 | eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arb... |
| CVE-2018-25404 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25403 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25402 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25401 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25400 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25399 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25398 | HIGH | 8.8 | 0.3% | May 29, 2026 | The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arb... |
| CVE-2018-25396 | HIGH | 8.7 | 0.3% | May 29, 2026 | Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to re... |
| CVE-2018-25395 | HIGH | 8.8 | 0.3% | May 29, 2026 | Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQ... |
| CVE-2018-25394 | HIGH | 8.8 | 0.3% | May 29, 2026 | Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQ... |
| CVE-2018-25393 | HIGH | 7.1 | 0.6% | May 29, 2026 | Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files b... |
| CVE-2018-25392 | HIGH | 7.1 | 0.3% | May 29, 2026 | MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary ... |
| CVE-2018-25391 | HIGH | 8.7 | 0.3% | May 29, 2026 | HaPe PKH 1.1 fails to enforce authorization on its record deletion endpoints, allowing unauthenticated attackers to dele... |
| CVE-2018-25390 | HIGH | 8.8 | 0.3% | May 29, 2026 | HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database querie... |
| CVE-2018-25389 | HIGH | 8.8 | 0.3% | May 29, 2026 | HaPe PKH 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database querie... |
| CVE-2018-25388 | HIGH | 8.7 | 0.5% | May 29, 2026 | HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious fil... |
| CVE-2018-25386 | HIGH | 8.8 | 0.3% | May 29, 2026 | HaPe PKH 1.1 contains multiple SQL injection vulnerabilities in admin/media.php that allow attackers to manipulate datab... |
| CVE-2018-25385 | HIGH | 8.8 | 0.3% | May 29, 2026 | E-Registrasi Pencak Silat 18.10 contains an SQL injection vulnerability that allows unauthenticated attackers to execute... |
| CVE-2018-25383 | HIGH | 8.6 | 0.2% | May 29, 2026 | Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local att... |
| CVE-2018-25382 | HIGH | 8.8 | 0.3% | May 29, 2026 | Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information... |
| CVE-2018-25381 | HIGH | 7.1 | 0.3% | May 25, 2026 | Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute... |
| CVE-2018-25380 | HIGH | 7.1 | 0.3% | May 25, 2026 | Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute... |
Check if your code is affected by 2018 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now