Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2019
CVE-2019-7422
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
CVSS Score
6.1
EPSS Score
0.013
Published
2019-03-21
CVE-2019-7423
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.
CVSS Score
6.1
EPSS Score
0.013
Published
2019-03-21
CVE-2019-7424
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903.
CVSS Score
6.1
EPSS Score
0.013
Published
2019-03-21
CVE-2019-7425
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter.
CVSS Score
6.1
EPSS Score
0.013
Published
2019-03-21
CVE-2019-7429
PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2016/08 directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-21
CVE-2019-7430
PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-03-21
CVE-2019-7431
PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a listing of an uploads directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-21
CVE-2019-7432
PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-03-21
CVE-2019-7433
PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-03-21
CVE-2019-7434
PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved