Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-40098
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40099
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_expense_category.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40097
Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40050
ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component /file/upload/1.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-09-26
CVE-2022-30004
Sourcecodester Online Market Place Site v1.0 suffers from an unauthenticated blind SQL Injection Vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection..
CVSS Score
9.8
EPSS Score
0.007
Published
2022-09-26
CVE-2022-3290
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVSS Score
5.7
EPSS Score
0.001
Published
2022-09-26
CVE-2022-30003
Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-09-26
CVE-2022-3272
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-09-26
CVE-2022-22058
Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVSS Score
8.4
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40044
Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-09-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved