Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2019-25700
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the sort_direction parameter. Attackers can submit malicious SQL statements in the sort_direction parameter to extract sensitive database information or modify data.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-04-05
CVE-2019-25702
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id_project parameter. Attackers can send crafted requests with malicious SQL statements in the id_project parameter to extract sensitive database information or modify data.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-04-05
CVE-2019-25704
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filter_user_mail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-04-05
CVE-2019-25688
Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the menu_lev1 parameter. Attackers can send crafted requests with malicious SQL payloads in the menu_lev1 parameter to extract sensitive database information or modify database contents.
CVSS Score
8.2
EPSS Score
0.001
Published
2026-04-05
CVE-2019-25690
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the mng_profile_id parameter. Attackers can send crafted requests with malicious SQL payloads in the mng_profile_id parameter to extract sensitive database information.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-04-05
CVE-2019-25692
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id_to_modify' parameter. Attackers can send crafted requests with malicious SQL statements in the id_to_modify field to extract sensitive database information or modify data.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-04-05
CVE-2026-35616
Known exploited
A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
CVSS Score
9.8
EPSS Score
0.06
Published
2026-04-04
CVE-2026-27655
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-04-03
CVE-2026-4107
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-04-03
CVE-2026-4108
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-04-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved