Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2022
CVE-2022-33000
The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-06-24
CVE-2022-33001
The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-06-24
CVE-2022-33002
The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24
CVE-2022-33003
The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24
CVE-2022-33004
The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24
CVE-2022-33121
A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link.
CVSS Score
8.1
EPSS Score
0.001
Published
2022-06-24
CVE-2022-33122
A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-06-24
CVE-2022-34053
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24
CVE-2022-34054
The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24
CVE-2022-34055
The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-06-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved