Security Vulnerabilities - CVEs Published In January 2023
An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80.
CVSS Score: 7.8
EPSS Score: 0.0
Published: 2023-01-26
MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do.
CVSS Score: 8.8
EPSS Score: 0.002
Published: 2023-01-26
The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
CVSS Score: 6.1
EPSS Score: 0.004
Published: 2023-01-26
A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2023-01-26
A cross-site scripting (XSS) vulnerability in Online Graduate Tracer System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2023-01-26
Sourcecodester.com Online Graduate Tracer System V 1.0.0 is vulnerable to Cross Site Scripting (XSS).
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2023-01-26
phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2023-01-26
SQL Injection (SQLi) vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.
CVSS Score: 9.1
EPSS Score: 0.003
Published: 2023-01-26
In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request may cause a memory leak.
CVSS Score: 7.5
EPSS Score: 0.005
Published: 2023-01-26
SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.
CVSS Score: 9.9
EPSS Score: 0.747
Published: 2023-01-26

