Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2022
CVE-2021-45787
There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-03-16
CVE-2022-0986
Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11.
CVSS Score
2.4
EPSS Score
0.003
Published
2022-03-16
CVE-2022-0705
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS Score
4.2
EPSS Score
0.0
Published
2022-03-16
CVE-2021-45851
A Server-Side Request Forgery (SSRF) attack in FUXA 1.1.3 can be carried out leading to the obtaining of sensitive information from the server's internal environment and services, often potentially leading to the attacker executing commands on the server.
CVSS Score
7.5
EPSS Score
0.009
Published
2022-03-16
CVE-2021-45852
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-03-16
CVE-2021-46705
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-03-16
CVE-2022-0704
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-03-16
CVE-2022-21945
A Insecure Temporary File vulnerability in cscreen of openSUSE Factory allows local attackers to cause DoS for cscreen and a system DoS for non-default systems. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-03-16
CVE-2022-21946
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions.
CVSS Score
5.3
EPSS Score
0.0
Published
2022-03-16
CVE-2022-0911
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
CVSS Score
6.8
EPSS Score
0.0
Published
2022-03-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved