Security Vulnerabilities - CVEs Published In May 2018
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to unsafe file handling in the jboss init script, which could result in local privilege escalation.
CVSS Score
7.0
EPSS Score
0.001
Published
2018-05-22
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including those to which the current user does not have access.
CVSS Score
4.3
EPSS Score
0.0
Published
2018-05-22
hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed.
CVSS Score
7.6
EPSS Score
0.007
Published
2018-05-22
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-05-22
iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-05-22
SkyCaiji 1.2 allows CSRF to add an Administrator user.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-05-22
An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-05-22
An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-05-22
An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-05-22
An issue was discovered in Joomla! Core before 3.8.8. A long-running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.
CVSS Score
5.9
EPSS Score
0.0
Published
2018-05-22


Shodan ® - All rights reserved