Security Vulnerabilities - CVEs Published In June 2022
An issue was discovered on D-Link DIR-850L 1.21WW devices. A partially completed WPA handshake is sufficient for obtaining full access to the wireless network. A client can access the network by sending packets on Data Frames to the AP without encryption.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-16
JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-06-16
Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.
CVSS Score
6.1
EPSS Score
0.481
Published
2022-06-16
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php.
CVSS Score
8.1
EPSS Score
0.001
Published
2022-06-16
An issue in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-06-16
An issue in PowerJob through 3.2.2 allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-16
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of HTML.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-06-16
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-06-16
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-06-16
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php.
CVSS Score
8.1
EPSS Score
0.001
Published
2022-06-16

