Security Vulnerabilities - CVEs Published In June 2022
YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2022-06-15

Theme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php.
CVSS Score: 8.8 | EPSS Score: 0.003 | Published: 2022-06-15

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php.
CVSS Score: 8.8 | EPSS Score: 0.003 | Published: 2022-06-15

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php.
CVSS Score: 7.2 | EPSS Score: 0.003 | Published: 2022-06-15

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVSS Score: 7.8 | EPSS Score: 0.047 | Published: 2022-06-15

Access of Memory Location After End of Buffer (CWE-788)
CVSS Score: 7.8 | EPSS Score: 0.004 | Published: 2022-06-15

Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.
CVSS Score: 9.8 | EPSS Score: 0.009 | Published: 2022-06-15

Access of Memory Location After End of Buffer (CWE-788)
CVSS Score: 7.8 | EPSS Score: 0.007 | Published: 2022-06-15

A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions.
CVSS Score: 4.6 | EPSS Score: 0.001 | Published: 2022-06-15

kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2022-06-15


Shodan ® - All rights reserved