Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2022
CVE-2022-32283
Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-08-18
CVE-2022-32453
HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-08-18
CVE-2022-32544
Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-08-18
CVE-2022-32583
Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-08-18
CVE-2022-33151
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-08-18
CVE-2022-35173
An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-08-18
CVE-2022-35198
Contract Management System v2.0 contains a weak default password which gives attackers to access database connection information.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-08-18
CVE-2021-30070
An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-08-18
CVE-2021-30071
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-08-18
CVE-2022-35153
FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.
CVSS Score
9.8
EPSS Score
0.053
Published
2022-08-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved