Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2022
CVE-2022-30057
Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-05-11
CVE-2022-30058
Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-05-11
CVE-2022-30059
Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-05-11
CVE-2022-30060
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php
CVSS Score
8.8
EPSS Score
0.004
Published
2022-05-11
CVE-2022-30061
ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-05-11
CVE-2022-30062
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php
CVSS Score
6.5
EPSS Score
0.004
Published
2022-05-11
CVE-2022-30452
ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-11
CVE-2022-30453
ShopWind <= 3.4.2 has a RCE vulnerability in Database.php
CVSS Score
9.8
EPSS Score
0.006
Published
2022-05-11
CVE-2022-28254
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
5.5
EPSS Score
0.009
Published
2022-05-11
CVE-2022-28255
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score
5.5
EPSS Score
0.009
Published
2022-05-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved