Shodan
Vulnerabilities
Vulnerable Software
Vanguard Project:  >> Marketplace Digital Products Php  Security Vulnerabilities
CVE-2017-17936
Vanguard Marketplace Digital Products PHP has CSRF via /search.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-12-28
CVE-2017-17937
Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-12-28
CVE-2017-17873
Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI.
CVSS Score
9.8
EPSS Score
0.015
Published
2017-12-27
CVE-2017-17874
Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI.
CVSS Score
8.8
EPSS Score
0.025
Published
2017-12-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved