Shodan
Vulnerabilities
Vulnerable Software
Lansweeper:  >> Lansweeper  >> 10.1.1.0  Security Vulnerabilities
CVE-2022-28703
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.005
Published
2022-12-15
CVE-2022-29511
A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.021
Published
2022-12-15
CVE-2022-29517
A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.9
EPSS Score
0.532
Published
2022-12-15
CVE-2022-32573
A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.9
EPSS Score
0.024
Published
2022-12-15
CVE-2022-32763
A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.003
Published
2022-12-15
CVE-2022-27498
A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Score
9.1
EPSS Score
0.509
Published
2022-12-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved