Security Vulnerabilities - CVEs Published In April 2018
Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.
CVSS Score: 8.6
EPSS Score: 0.001
Published: 2018-04-13
Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2018-04-12
PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.
CVSS Score: 8.8
EPSS Score: 0.003
Published: 2018-04-12
PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2018-04-12
PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2018-04-12
PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.
CVSS Score: 8.8
EPSS Score: 0.003
Published: 2018-04-12
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2018-04-12
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3.
CVSS Score: 8.8
EPSS Score: 0.001
Published: 2018-04-12
PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2018-04-12
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation server via unspecified vectors. IBM X-Force ID: 96721.
CVSS Score: 9.8
EPSS Score: 0.042
Published: 2018-04-12



Shodan ® - All rights reserved