Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2022
CVE-2022-33114
Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list.
CVSS Score
7.2
EPSS Score
0.002
Published
2022-06-23
CVE-2022-33124
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS). NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the calling application
CVSS Score
5.5
EPSS Score
0.002
Published
2022-06-23
CVE-2022-33127
The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string.
CVSS Score
9.8
EPSS Score
0.005
Published
2022-06-23
CVE-2022-31361
Docebo Community Edition v4.0.5 and below was discovered to contain a SQL injection vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-23
CVE-2022-31362
Docebo Community Edition v4.0.5 and below was discovered to contain an arbitrary file upload vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVSS Score
8.8
EPSS Score
0.006
Published
2022-06-23
CVE-2022-31395
Algo Communication Products Ltd. 8373 IP Zone Paging Adapter Firmware 1.7.6 allows attackers to perform a directory traversal via a web request sent to /fm-data.lua.
CVSS Score
8.8
EPSS Score
0.009
Published
2022-06-23
CVE-2022-31787
IdeaTMS 2022 is vulnerable to SQL Injection via the PATH_INFO
CVSS Score
9.8
EPSS Score
0.003
Published
2022-06-23
CVE-2022-32124
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-06-23
CVE-2022-32125
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-06-23
CVE-2022-32126
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved