Security Vulnerabilities - CVEs Published In April 2017
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293.
CVSS Score: 4.3; EPSS Score: 0.001; Published: 2017-04-14
IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. IBM X-Force ID: 123741.
CVSS Score: 8.8; EPSS Score: 0.0; Published: 2017-04-14
Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php.
CVSS Score: 8.0; EPSS Score: 0.026; Published: 2017-04-14
The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters.
CVSS Score: 4.3; EPSS Score: 0.002; Published: 2017-04-14
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.
CVSS Score: 7.8; EPSS Score: 0.002; Published: 2017-04-14
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.
CVSS Score: 7.5; EPSS Score: 0.005; Published: 2017-04-14
Moxa MXView 2.8 allows remote attackers to read the web server's private key file because there is no access control.
CVSS Score: 7.5; EPSS Score: 0.4; Published: 2017-04-14
Moxa MXView 2.8 allows remote attackers to cause a denial of service by sending an overly long junk payload for the MXView client login credentials.
CVSS Score: 7.5; EPSS Score: 0.289; Published: 2017-04-14
An XML External Entity (XXE) vulnerability via ".AOP" files used by Moxa MX-AOPC Server 1.5 results in remote file disclosure.
CVSS Score: 5.0; EPSS Score: 0.005; Published: 2017-04-14
Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program.
CVSS Score: 7.8; EPSS Score: 0.003; Published: 2017-04-14

