Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2024
CVE-2024-34936
A SQL injection vulnerability in /view/event1.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the month parameter.
CVSS Score
8.6
EPSS Score
0.001
Published
2024-05-23
CVE-2024-35081
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-05-23
CVE-2024-35082
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-05-23
CVE-2024-35083
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-05-23
CVE-2024-35084
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-05-23
CVE-2024-35085
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-05-23
CVE-2024-35086
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml .
CVSS Score
9.8
EPSS Score
0.001
Published
2024-05-23
CVE-2024-34927
A SQL injection vulnerability in /model/update_classroom.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-05-23
CVE-2024-34928
A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-05-23
CVE-2024-34929
A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-05-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved