Security Vulnerabilities - CVEs Published In May 2022
Inadequate Encryption Strength vulnerability in the TLS stack of Secomea SiteManager, LinkManager, and GateManager may facilitate man-in-the-middle attacks. This issue affects: Secomea SiteManager all versions prior to 9.7; Secomea LinkManager versions prior to 9.7; Secomea GateManager versions prior to 9.7.
CVSS Score: 5.6 | EPSS Score: 0.001 | Published: 2022-05-04
Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php.
CVSS Score: 7.2 | EPSS Score: 0.029 | Published: 2022-05-04
MyBatis PageHelper v1.x.x-v3.7.0, v4.0.0-v5.0.0, v5.1.0-v5.3.0 was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter.
CVSS Score: 9.8 | EPSS Score: 0.007 | Published: 2022-05-04
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2022-05-04
Reflected cross-site scripting in Create Subaccount in GitHub repository neorazorx/facturascripts prior to 2022.07. This vulnerability allows execution of arbitrary JavaScript code to steal the user's cookie, perform HTTP requests, get the content of `same origin` pages, etc.
CVSS Score: 9.9 | EPSS Score: 0.003 | Published: 2022-05-04
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted request can lead to privilege escalation.
CVSS Score: 8.8 | EPSS Score: 0.235 | Published: 2022-05-04
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. An attacker can inject arbitrary JS code, deface the website, steal cookies, etc.
CVSS Score: 8.8 | EPSS Score: 0.009 | Published: 2022-05-04
Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions.
CVSS Score: 4.3 | EPSS Score: 0.002 | Published: 2022-05-04
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2022-05-04
Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the groupid parameter at /coreframe/app/member/admin/group.php.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2022-05-04

