Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2016
CVE-2016-4826
Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-4827.
CVSS Score
6.1
EPSS Score
0.004
Published
2016-06-25
CVE-2016-4825
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data.
CVSS Score
5.6
EPSS Score
0.065
Published
2016-06-25
CVE-2016-4824
The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-06-25
CVE-2016-4823
Corega CG-WLBARAGM devices allow remote attackers to cause a denial of service (reboot) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.007
Published
2016-06-25
CVE-2016-4822
Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors.
CVSS Score
8.0
EPSS Score
0.016
Published
2016-06-25
CVE-2016-1193
Cybozu Garoon 3.7 through 4.2 allows remote attackers to obtain sensitive email-reading information via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-06-25
CVE-2016-1190
Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.002
Published
2016-06-25
CVE-2016-1189
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.002
Published
2016-06-25
CVE-2016-1188
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.002
Published
2016-06-25
CVE-2016-4528
Buffer overflow in Advantech WebAccess before 8.1_20160519 allows local users to cause a denial of service via a crafted DLL file.
CVSS Score
5.0
EPSS Score
0.001
Published
2016-06-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved