Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2019
CVE-2019-7194
Known exploited
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
CVSS Score
9.8
EPSS Score
0.939
Published
2019-12-05
CVE-2019-7195
Known exploited
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.
CVSS Score
9.8
EPSS Score
0.935
Published
2019-12-05
CVE-2019-19466
SCEditor 2.1.3 allows XSS.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-12-05
CVE-2019-7183
This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.
CVSS Score
9.8
EPSS Score
0.012
Published
2019-12-05
CVE-2019-7184
This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-12-05
CVE-2019-7185
This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-12-05
CVE-2019-7192
Known exploited
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.
CVSS Score
9.8
EPSS Score
0.943
Published
2019-12-05
CVE-2013-0283
Katello: Username in Notification page has cross site scripting
CVSS Score
5.4
EPSS Score
0.003
Published
2019-12-05
CVE-2013-0326
OpenStack nova base images permissions are world readable
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-05
CVE-2019-19594
reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file.
CVSS Score
9.8
EPSS Score
0.056
Published
2019-12-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved