Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Misp-Project:
>> Misp
Security Vulnerabilities
CVE-2022-27243
An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting.
CVSS Score
7.8
EPSS Score
0.012
Published
2022-03-18
CVE-2022-27244
An issue was discovered in MISP before 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user.
CVSS Score
4.8
EPSS Score
0.005
Published
2022-03-18
CVE-2022-27245
An issue was discovered in MISP before 2.4.156. app/Model/Server.php does not restrict generateServerSettings to the CLI. This could lead to SSRF.
CVSS Score
8.8
EPSS Score
0.009
Published
2022-03-18
CVE-2022-27246
An issue was discovered in MISP before 2.4.156. An SVG org logo (which may contain JavaScript) is not forbidden by default.
CVSS Score
6.1
EPSS Score
0.006
Published
2022-03-18
CVE-2021-41326
In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.
CVSS Score
9.8
EPSS Score
0.021
Published
2021-09-17
CVE-2021-39302
MISP 2.4.148, in certain configurations, allows SQL injection via the app/Model/Log.php $conditions['org'] value.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-08-19
CVE-2021-37742
app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.
CVSS Score
5.4
EPSS Score
0.006
Published
2021-07-30
CVE-2021-37743
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.
CVSS Score
5.4
EPSS Score
0.007
Published
2021-07-30
CVE-2021-37534
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-26
CVE-2021-36212
app/View/SharingGroups/view.ctp in MISP before 2.4.146 allows stored XSS in the sharing groups view.
CVSS Score
6.1
EPSS Score
0.006
Published
2021-07-07
Prev
Next
Page 7
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved