Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2022
CVE-2022-30496
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-06-02
CVE-2022-30503
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-06-02
CVE-2022-30506
An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.
CVSS Score
9.8
EPSS Score
0.027
Published
2022-06-02
CVE-2022-30510
School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59.
CVSS Score
9.8
EPSS Score
0.238
Published
2022-06-02
CVE-2022-30511
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4.
CVSS Score
9.8
EPSS Score
0.238
Published
2022-06-02
CVE-2022-30512
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31.
CVSS Score
9.8
EPSS Score
0.718
Published
2022-06-02
CVE-2022-30513
School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125
CVSS Score
6.1
EPSS Score
0.073
Published
2022-06-02
CVE-2022-30514
School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126.
CVSS Score
6.1
EPSS Score
0.073
Published
2022-06-02
CVE-2022-30521
The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users easily. The attackers can exploit the vulnerability to carry out arbitrary code by means of sending a specially constructed payload to port 49152.
CVSS Score
9.8
EPSS Score
0.018
Published
2022-06-02
CVE-2022-30540
The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code
CVSS Score
7.8
EPSS Score
0.005
Published
2022-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved