Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2022
CVE-2022-36748
PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-08-30
CVE-2022-36749
RPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection vulnerability via the component /htdocs/utils/Files.php. This vulnerability is exploited via a crafted payload injected into the file name of an uploaded file.
CVSS Score
9.8
EPSS Score
0.102
Published
2022-08-30
CVE-2022-27560
HCL VersionVault Express exposes administrator credentials.
CVSS Score
6.0
EPSS Score
0.001
Published
2022-08-30
CVE-2022-27563
An unauthenticated user can overload a part of HCL VersionVault Express and cause a denial of service.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-08-30
CVE-2022-36561
XPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-08-30
CVE-2022-36562
Incorrect access control in the install directory (C:\Ruby31-x64) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-30
CVE-2022-36563
Incorrect access control in the install directory (C:\RailsInstaller) of Rubyinstaller2 v3.1.2 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-08-30
CVE-2022-36564
Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-08-30
CVE-2022-36565
Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-08-30
CVE-2022-36657
Library Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /librarian/edit_book_details.php.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-08-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved