Security Vulnerabilities - CVEs Published In April 2022
A PHP Local File Inclusion vulnerability in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary PHP files via the schema parameter.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2022-04-15
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del.
CVSS Score: 7.2
EPSS Score: 0.002
Published: 2022-04-15
Cscms Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the component dance_Dance.php_hy.
CVSS Score: 7.2
EPSS Score: 0.002
Published: 2022-04-15
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Topic.php_del.
CVSS Score: 7.2
EPSS Score: 0.002
Published: 2022-04-15
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Lists.php_zhuan.
CVSS Score: 7.2
EPSS Score: 0.002
Published: 2022-04-15
Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component news_News.php_hy.
CVSS Score: 7.2
EPSS Score: 0.002
Published: 2022-04-15
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a type to be incorrectly initialized in the function f_incr in sr_port/f_incr.c and cause a crash due to a NULL pointer dereference.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2022-04-15
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force a signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow.
CVSS Score: 7.5
EPSS Score: 0.004
Published: 2022-04-15
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to eb_div in sr_port/eb_muldiv.c allows attackers to crash the application by performing a divide by zero.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2022-04-15
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2022-04-15

