Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2022
CVE-2022-25490
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-03-15
CVE-2022-25491
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-03-15
CVE-2022-25492
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-03-15
CVE-2022-25493
HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-15
CVE-2022-25494
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via staff_login.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-03-15
CVE-2022-25495
The component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.03
Published
2022-03-15
CVE-2022-25497
CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function.
CVSS Score
5.3
EPSS Score
0.222
Published
2022-03-15
CVE-2022-25498
CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php.
CVSS Score
9.8
EPSS Score
0.115
Published
2022-03-15
CVE-2022-27212
Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the 'List Git branches (and more)' parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVSS Score
5.4
EPSS Score
0.259
Published
2022-03-15
CVE-2022-27213
Jenkins Environment Dashboard Plugin 1.1.10 and earlier does not escape the Environment order and the Component order configuration values in its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission.
CVSS Score
5.4
EPSS Score
0.143
Published
2022-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved