Shodan
Vulnerabilities
Vulnerable Software
Spiceworks:  >> Spiceworks  >> 7.1  Security Vulnerabilities
CVE-2020-23451
Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-09-15
CVE-2020-23450
Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-09-01
CVE-2014-3740
Cross-site scripting (XSS) vulnerability in SpiceWorks before 7.2.00195 allows remote authenticated users to inject arbitrary web script or HTML via the Summary field in a ticket request to the portal page.
CVSS Score
3.5
EPSS Score
0.022
Published
2014-09-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved