Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-3135
The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVSS Score
4.8
EPSS Score
0.001
Published
2022-09-26
CVE-2022-3295
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-09-26
CVE-2022-3299
A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the patch is 724fa568435dae45ef0c3a48b2aabde052afae88. It is recommended to apply a patch to fix this issue. The identifier VDB-209545 was assigned to this vulnerability.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40402
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40403
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40404
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40924
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40925
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40926
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26
CVE-2022-40927
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-09-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved