Shodan
Vulnerabilities
Vulnerable Software
Nukeviet:  Security Vulnerabilities
CVE-2020-13155
clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-06-23
CVE-2020-13156
modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-06-23
CVE-2020-13157
modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved