Security Vulnerabilities - CVEs Published In April 2017
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
CVSS Score: 9.8, EPSS Score: 0.027, Published: 2017-04-12
Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors.
CVSS Score: 8.8, EPSS Score: 0.001, Published: 2017-04-12
Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score: 6.1, EPSS Score: 0.003, Published: 2017-04-12
SQL injection vulnerability in SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score: 8.8, EPSS Score: 0.007, Published: 2017-04-12
SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors.
CVSS Score: 5.3, EPSS Score: 0.01, Published: 2017-04-12
SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors.
CVSS Score: 8.8, EPSS Score: 0.013, Published: 2017-04-12
SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.
CVSS Score: 6.5, EPSS Score: 0.003, Published: 2017-04-12
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.
CVSS Score: 6.1, EPSS Score: 0.003, Published: 2017-04-12
Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands.
CVSS Score: 8.8, EPSS Score: 0.258, Published: 2017-04-12
drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.
CVSS Score: 7.0, EPSS Score: 0.001, Published: 2017-04-12

