Security Vulnerabilities - CVEs Published In August 2022
Le-yan Personnel and Salary Management System has a hard-coded database account and password within the website source code. An unauthenticated remote attacker can access or modify system data, or disrupt service.
CVSS Score: 9.8 | EPSS Score: 0.007 | Published: 2022-08-30
In Xpdf prior to 4.04, the DCT (JPEG) decoder incorrectly allowed the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2022-08-30
Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2022-08-30
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2022-08-30
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /staff/edit_book_details.php.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2022-08-30
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /staff/bookdetails.php.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2022-08-30
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /staff/studentdetails.php.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2022-08-30
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at /librarian/lab.php.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2022-08-30
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Section parameter at /staff/lab.php.
CVSS Score: 9.8 | EPSS Score: 0.001 | Published: 2022-08-30
Hytec Inter HWL-2511-SS v1.05 and below were discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi.
CVSS Score: 9.8 | EPSS Score: 0.93 | Published: 2022-08-29

