Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2023
CVE-2022-48130
Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-02
CVE-2022-48140
DedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /file_manage_view.php?fmdo=edit&filename.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-02
CVE-2022-46842
Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-02
CVE-2022-48079
Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code via uploading a crafted PHP file to the virtual host directory of the system.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-02-02
CVE-2022-46815
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-02
CVE-2022-45067
Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-02-02
CVE-2022-45807
Cross-Site Request Forgery (CSRF) in WPVibes WP Mail Log plugin <= 1.0.1 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-02
CVE-2022-3560
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-02
CVE-2022-40692
Cross-Site Request Forgery (CSRF) vulnerability in WP Sunshine Sunshine Photo Cart plugin <= 2.9.13 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-02
CVE-2022-44585
Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved