Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2022
CVE-2022-43076
A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtemail parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43078
A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Web-Based Student Clearance System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43079
A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Train Scheduler App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43081
Fast Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /fastfood/purchase.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43082
A cross-site scripting (XSS) vulnerability in /fastfood/purchase.php of Fast Food Ordering System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the customer parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43083
An arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43084
A cross-site scripting (XSS) vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the v_name parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43085
An arbitrary file upload vulnerability in add_product.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43086
Restaurant POS System v1.0 was discovered to contain a SQL injection vulnerability via update_customer.php.
CVSS Score
4.9
EPSS Score
0.001
Published
2022-11-01
CVE-2022-43124
Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-11-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved