Shodan
Vulnerabilities
Vulnerable Software
Xerox:  Security Vulnerabilities
CVE-2010-0549
Unspecified vulnerability in the Network Controller in Xerox WorkCentre 6400 System Software 060.070.109.11407 through 060.070.109.29510, and Net Controller 060.079.11410 through 060.079.29310, allows remote attackers to access "directory structure" via a crafted PostScript file, aka "Unauthorized Directory Structure Access Vulnerability."
CVSS Score
5.0
EPSS Score
0.003
Published
2010-02-04
CVE-2009-3913
SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-11-09
CVE-2009-1656
Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, and 7675 allows remote attackers to execute arbitrary commands via unknown attack vectors, aka "command injection vulnerability."
CVSS Score
10.0
EPSS Score
0.069
Published
2009-05-16
CVE-2008-6436
Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and 7245 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.005
Published
2009-03-06
CVE-2008-5225
Multiple cross-site scripting (XSS) vulnerabilities in Xerox DocuShare 6 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) SearchResults/ and (2) Services/ in dsdn/dsweb/, and (3) the default URI under unspecified docushare/dsweb/ServicesLib/Group-#/ directories.
CVSS Score
4.3
EPSS Score
0.036
Published
2008-11-25
CVE-2008-3571
The Xerox Phaser 8400 allows remote attackers to cause a denial of service (reboot) via an empty UDP packet to port 1900.
CVSS Score
7.8
EPSS Score
0.224
Published
2008-08-10
CVE-2008-3121
Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2008-07-10
CVE-2008-3122
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
CVSS Score
6.5
EPSS Score
0.003
Published
2008-07-10
CVE-2008-2824
Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors.
CVSS Score
10.0
EPSS Score
0.02
Published
2008-06-23
CVE-2008-2825
Cross-site scripting (XSS) vulnerability in the embedded Web Server in Xerox WorkCentre M123, M128, and 133 and WorkCentre Pro 123, 128, and 133 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.005
Published
2008-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved