Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2017
CVE-2017-1000013
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness
CVSS Score
6.1
EPSS Score
0.003
Published
2017-07-17
CVE-2017-1000014
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality
CVSS Score
7.5
EPSS Score
0.011
Published
2017-07-17
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters
CVSS Score
6.1
EPSS Score
0.006
Published
2017-07-17
CVE-2017-1000016
A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. This is a re-issue of an incomplete fix from PMASA-2016-18.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-07-17
CVE-2017-1000017
phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server
CVSS Score
8.8
EPSS Score
0.008
Published
2017-07-17
CVE-2017-1000018
phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name
CVSS Score
7.5
EPSS Score
0.01
Published
2017-07-17
CVE-2017-1000020
SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any sign of authentication resulting in Authentication Bypass. An attacker can take complete advantage of this bug and take over the device remotely or locally. The bug has been successfully tested and reproduced in some versions of SOHO Routers manufactured by TOTOLINK, GREATEK and others."
CVSS Score
9.8
EPSS Score
0.011
Published
2017-07-17
CVE-2017-1000021
LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents.
CVSS Score
8.8
EPSS Score
0.007
Published
2017-07-17
CVE-2017-1000022
LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could leave to privilege escalation.
CVSS Score
8.8
EPSS Score
0.003
Published
2017-07-17
CVE-2017-1000023
LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML document.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-07-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved