Security Vulnerabilities - CVEs Published In June 2022
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user-submitted content was used without being properly encoded in HTML emails sent to users. The components actually affected were the mail clients used to view those messages. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem.
CVSS Score: 5.4; EPSS Score: 0.006; Published: 2022-06-14
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface were not revoked even if the corresponding user account was degraded to lower permissions or disabled completely. As a result, sessions in the Admin Tool could theoretically have been prolonged without any limit. TYPO3 versions 9.5.34 ELTS, 10.4.29, and 11.5.11 contain a fix for the problem.
CVSS Score: 6.0; EPSS Score: 0.004; Published: 2022-06-14
Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on login-required sites. This issue is patched in version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches of Discourse. As a workaround, one may disable banners.
CVSS Score: 5.3; EPSS Score: 0.004; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_user&id=.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_product&id=.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=.
CVSS Score: 7.2; EPSS Score: 0.003; Published: 2022-06-14

