LiveActive security incident?Get immediate response
CVE archive

March 2018

Browse CVE records published in March 2018, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 1325 matching CVEs · Page 1 of 27.

Critical · CVSS 9.8

CVE-2018-25159: Epross AVCON6 OGNL Remote Code Execution via login.action

Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting malicious OGNL expressions. Attackers can send crafted requests to the login.action endpoint with OGNL payloads in the redirect parameter to instantiate ProcessBuilder objects and execute system commands with root privileges.

Published Mar 11, 2026 · Updated Apr 7, 2026

Medium · CVSS 6.9

CVE-2018-25234: SmartFTP Client 9.0.2615.0 Denial of Service via Host Field

SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash.

Published Mar 30, 2026 · Updated Apr 1, 2026

Medium · CVSS 6.9

CVE-2018-25228: NetSetMan 4.7.1 Workgroup Buffer Overflow Denial of Service

NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Attackers can create a malicious configuration file with excessive data and paste it into the Workgroup field to trigger a denial of service condition.

Published Mar 30, 2026 · Updated Apr 1, 2026

Critical · CVSS 9.8

CVE-2018-25223: Crashmail 1.6 Stack-based Buffer Overflow Remote Code Execution

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts potentially causing denial of service.

Published Mar 28, 2026 · Updated Apr 1, 2026

High · CVSS 8.6

CVE-2018-25224: PMS 0.42 Stack-Based Buffer Overflow via Configuration File

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers can craft configuration files with oversized input that overflows the stack buffer and execute shell commands via return-oriented programming gadgets.

Published Mar 28, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.9

CVE-2018-25226: FTPShell Server 6.83 Denial of Service via Account Name

FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter within the Manage FTP Accounts interface.

Published Mar 30, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.8

CVE-2018-25232: Softros LAN Messenger 9.2 Denial of Service via Log Files Location

Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location field. Attackers can input a buffer of 2000 characters in the Log Files Location custom path parameter to trigger a crash when the OK button is clicked.

Published Mar 30, 2026 · Updated Mar 30, 2026

Critical · CVSS 9.8

CVE-2018-25221: EChat Server 3.1 Buffer Overflow via chat.ghp username Parameter

EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing shellcode and ROP gadgets to achieve code execution in the application context.

Published Mar 28, 2026 · Updated Mar 30, 2026

Critical · CVSS 9.8

CVE-2018-25220: Bochs 2.6-5 Buffer Overflow Remote Code Execution

Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of padding followed by a return-oriented programming chain to overwrite the instruction pointer and execute shell commands with application privileges.

Published Mar 28, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.9

CVE-2018-25231: HeidiSQL 9.5.0.5196 Denial of Service via Preferences

HeidiSQL 9.5.0.5196 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long file path in the logging preferences. Attackers can input a buffer-overflow payload through the SQL log file path field in Preferences > Logging to trigger an application crash.

Published Mar 30, 2026 · Updated Mar 30, 2026

High · CVSS 8.6

CVE-2018-25222: SC v7.16 Stack-Based Buffer Overflow Remote Code Execution

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute shellcode in the application context.

Published Mar 28, 2026 · Updated Mar 30, 2026

High · CVSS 8.6

CVE-2018-25225: SIPP 3.3 Stack-Based Buffer Overflow via Configuration File

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.

Published Mar 28, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.8

CVE-2018-25230: Free IP Switcher 3.1 Denial of Service via Computer Name

Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Attackers can paste a malicious payload into the Computer Name input field and click Activate to trigger a denial of service condition that crashes the application.

Published Mar 30, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.9

CVE-2018-25227: Valentina Studio 9.0.4 Denial of Service via Host Parameter

Valentina Studio 9.0.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can trigger the crash by pasting a 256-byte buffer of repeated characters into the Host parameter during server connection attempts.

Published Mar 30, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.9

CVE-2018-25233: WebDrive 18.00.5057 Denial of Service via Secure WebDAV

WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV connection setup. Attackers can input a buffer-overflow payload of 5000 bytes in the username parameter and trigger a connection test to cause the application to crash.

Published Mar 30, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.8

CVE-2018-25229: BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash by clicking the Test button.

Published Mar 30, 2026 · Updated Mar 30, 2026

Medium · CVSS 6.9

CVE-2018-25235: NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS

NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding the expected buffer size through the Set username interface.

Published Mar 30, 2026 · Updated Mar 30, 2026

High · CVSS 8.6

CVE-2018-25218: PassFab RAR Password Recovery 9.3.2 SEH Buffer Overflow

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a payload with a buffer overflow, NSEH jump, and shellcode, then paste it into the 'Licensed E-mail and Registration Code' field during registration to trigger code execution.

Published Mar 26, 2026 · Updated Mar 28, 2026

High · CVSS 8.6

CVE-2018-25212: Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems.

Published Mar 26, 2026 · Updated Mar 28, 2026

High · CVSS 8.8

CVE-2018-25210: WebOfisi E-Ticaret 4.0 SQL Injection via urun Parameter

WebOfisi E-Ticaret 4.0 contains an SQL injection vulnerability in the 'urun' GET parameter of the endpoint that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL payloads through the 'urun' parameter to execute boolean-based blind, error-based, time-based blind, and stacked query attacks against the backend database.

Published Mar 26, 2026 · Updated Mar 28, 2026

High · CVSS 8.8

CVE-2018-25206: KomSeo Cart 1.3 SQL Injection via edit.php

KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'my_item_search' parameter in edit.php. Attackers can submit POST requests with malicious SQL payloads to extract sensitive database information using boolean-based blind or error-based injection techniques.

Published Mar 26, 2026 · Updated Mar 28, 2026

High · CVSS 8.8

CVE-2018-25195: Wecodex Hotel CMS 1.0 SQL Injection via Admin Login

Wecodex Hotel CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows unauthenticated attackers to bypass authentication by injecting SQL code. Attackers can submit malicious SQL payloads through the username parameter in POST requests to index.php with action=processlogin to extract sensitive database information or gain unauthorized administrative access.

Published Mar 26, 2026 · Updated Mar 28, 2026

High · CVSS 8.8

CVE-2018-25183: Shipping System CMS 1.0 SQL Injection via admin login

Shipping System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious SQL payloads using boolean-based blind techniques in POST requests to the admin login endpoint to authenticate without valid credentials.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25202: SAT CFDI 3.3 SQL Injection via signIn endpoint

SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit POST requests with boolean-based blind, stacked queries, or time-based blind SQL injection payloads to extract sensitive data or compromise the application.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25204: Library CMS 1.0 SQL Injection via admin login

Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can send POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in the username field to manipulate database queries and gain unauthorized access.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25208: qdPM 9.1 SQL Injection via filter_by Parameters

qdPM 9.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through filter_by parameters. Attackers can submit malicious POST requests to the timeReport endpoint with crafted filter_by[CommentCreatedFrom] and filter_by[CommentCreatedTo] parameters to execute arbitrary SQL queries and retrieve sensitive data.

Published Mar 26, 2026 · Updated Mar 26, 2026

Medium · CVSS 6.9

CVE-2018-25214: MegaPing Local Buffer Overflow Denial of Service

MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger function. Attackers can paste a crafted buffer exceeding expected input limits into the vulnerable field and trigger the Start button to cause a denial of service crash.

Published Mar 26, 2026 · Updated Mar 26, 2026

Medium · CVSS 6.9

CVE-2018-25216: AnyBurn 4.3 Denial of Service Local Buffer Overflow

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image' operation to trigger a denial of service condition.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25209: OpenBiz Cubi Lite 3.0.8 SQL Injection via username Parameter

OpenBiz Cubi Lite 3.0.8 contains a SQL injection vulnerability in the login form that allows unauthenticated attackers to manipulate database queries through the username parameter. Attackers can submit POST requests to /bin/controller.php with malicious SQL code in the username field to extract sensitive database information or bypass authentication.

Published Mar 26, 2026 · Updated Mar 26, 2026

Medium · CVSS 6.8

CVE-2018-25215: Excel Password Recovery Professional 8.2.0.0 Local Buffer Overflow DoS

Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail and Registrations Code' field. Attackers can paste a crafted payload containing 5000 bytes of data into the registration field to trigger a crash when the Register button is clicked.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25203: Online Store System CMS 1.0 SQL Injection via clientaccess

Online Store System CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter. Attackers can send POST requests to index.php with the action=clientaccess parameter using boolean-based blind or time-based blind SQL injection payloads in the email field to extract sensitive database information.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.6

CVE-2018-25213: Nsauditor 3.0.28.0 Local SEH Buffer Overflow

Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Attackers can craft a payload with SEH chain overwrite and inject shellcode through the DNS Query field to achieve code execution with application privileges.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.6

CVE-2018-25219: PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow

PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the registration code field. Attackers can craft a buffer overflow payload with a pop-pop-ret gadget and shellcode that triggers code execution when pasted into the Licensed E-mail and Registration Code field during the registration process.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.5

CVE-2018-25211: Allok Video Splitter 3.1.1217 Buffer Overflow via License Name

Allok Video Splitter 3.1.1217 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service or execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious payload exceeding 780 bytes, paste it into the License Name registration field, and trigger the overflow when the Register button is clicked.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.6

CVE-2018-25217: PDF Explorer 1.5.66.2 Structured Exception Handler Local Code Execution

PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the Custom fields settings dialog processes the malicious input in the Label field.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25185: Wecodex Restaurant CMS 1.0 SQL Injection via Login

Wecodex Restaurant CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the username parameter. Attackers can send POST requests to the login endpoint with malicious SQL payloads using boolean-based blind or time-based blind techniques to extract sensitive database information.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25205: ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive database information using boolean-based blind or error-based techniques.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 7.1

CVE-2018-25201: School Management System CMS 1.0 Admin Login SQL Injection

School Management System CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious payloads using boolean-based blind SQL injection techniques to the processlogin endpoint to authenticate as administrator without valid credentials.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 7.1

CVE-2018-25207: Online Quiz Maker 1.0 SQL Injection via catid Parameter

Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to extract sensitive database information or bypass authentication.

Published Mar 26, 2026 · Updated Mar 26, 2026

High · CVSS 8.8

CVE-2018-25166: Meneame English Pligg 5.8 SQL Injection via search Parameter

Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to index.php with crafted SQL payloads in the search parameter to extract sensitive database information including usernames, database names, and version details.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 7.1

CVE-2018-25165: Galaxy Forces MMORPG 0.5.8 SQL Injection via ads.php

Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract sensitive database information including usernames, databases, and version details.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.8

CVE-2018-25167: Net-Billetterie 2.9 SQL Injection via login.inc.php

Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicious SQL code through the login POST parameter to extract database information including usernames, passwords, and system credentials.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.7

CVE-2018-25164: EverSync 0.5 Arbitrary File Download via files Directory

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application data and credentials.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.8

CVE-2018-25163: BitZoom 1.0 SQL Injection via rollno Parameter

BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to extract database schema information and table contents from the application database.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.8

CVE-2018-25171: EdTv 2 SQL Injection via id Parameter

EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/edit_source endpoint with crafted SQL UNION statements to extract database information including schema names, user credentials, and version details.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.8

CVE-2018-25170: DoceboLMS 1.2 SQL Injection via lesson.php

DoceboLMS 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id, idC, and idU parameters. Attackers can send GET requests to the lesson.php endpoint with malicious SQL payloads to extract sensitive database information.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.8

CVE-2018-25172: Pedidos 1.0 SQL Injection via load_proveedores.php

Pedidos 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'q' parameter. Attackers can send GET requests to the ajax/load_proveedores.php endpoint with crafted SQL payloads to extract sensitive database information including schema names and table structures.

Published Mar 6, 2026 · Updated Mar 9, 2026

High · CVSS 8.7

CVE-2018-25169: AMPPS 2.7 Denial of Service via Malformed Socket Connection

AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability.

Published Mar 6, 2026 · Updated Mar 9, 2026

Medium · CVSS 5.3

CVE-2018-25168: Precurio Intranet Portal 2.0 Cross-Site Request Forgery Add Admin

Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attackers can forge requests to the /public/admin/user/submitnew endpoint with user creation parameters to add new admin accounts without requiring CSRF tokens or user interaction.

Published Mar 6, 2026 · Updated Mar 9, 2026