Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2019
CVE-2019-10350
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-07-11
CVE-2019-10351
Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-07-11
CVE-2019-12363
An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2014-11-05 for MyBB. An attacker can forge a request to an installed mybb2fa plugin to control its state via usercp.php?action=mybb2fa&do=deactivate (or usercp.php?action=mybb2fa&do=activate). A deactivate operation lowers the security of the targeted account by disabling two factor authentication.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-07-11
CVE-2019-12537
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field.
CVSS Score
6.1
EPSS Score
0.016
Published
2019-07-11
CVE-2019-12539
An issue was discovered in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189.
CVSS Score
6.1
EPSS Score
0.031
Published
2019-07-11
CVE-2019-12540
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field.
CVSS Score
6.1
EPSS Score
0.027
Published
2019-07-11
CVE-2019-12595
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter.
CVSS Score
6.1
EPSS Score
0.016
Published
2019-07-11
CVE-2019-12596
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType.
CVSS Score
6.1
EPSS Score
0.016
Published
2019-07-11
CVE-2019-12597
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName.
CVSS Score
6.1
EPSS Score
0.016
Published
2019-07-11
CVE-2019-13506
@nuxt/devalue before 1.2.3, as used in Nuxt.js before 2.6.2, mishandles object keys, leading to XSS.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-07-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved