Security Vulnerabilities - CVEs Published In 2022
A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.9
EPSS Score
0.024
Published
2022-12-15
A cross-site scripting (XSS) sanitization bypass vulnerability exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary JavaScript code injection. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.002
Published
2022-12-15
A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.509
Published
2022-12-15
An arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on port 10053. The service does not properly validate URL parameters before reading files.
CVSS Score
5.9
EPSS Score
0.05
Published
2022-12-15
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.
CVSS Score
7.1
EPSS Score
0.001
Published
2022-12-15
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-12-15
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.
CVSS Score
7.6
EPSS Score
0.0
Published
2022-12-15
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.
CVSS Score
7.3
EPSS Score
0.019
Published
2022-12-15
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2.
CVSS Score
6.4
EPSS Score
0.003
Published
2022-12-15
Improper access control of a bootloader function in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows an attacker with local access to read partition or RAM data.
CVSS Score
4.6
EPSS Score
0.0
Published
2022-12-14

