Security Vulnerabilities - CVEs Published In March 2020
Dolibarr ERP/CRM before 10.0.3 allows SQL Injection.
CVSS Score: 7.5 | EPSS Score: 0.016 | Published: 2020-03-16
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.
CVSS Score: 5.4 | EPSS Score: 0.006 | Published: 2020-03-16
Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS.
CVSS Score: 6.1 | EPSS Score: 0.021 | Published: 2020-03-16
An issue was discovered in AContent through 1.4. It allows the user to run commands on the server with a low-privileged account. The upload section in the file manager page contains an arbitrary file upload vulnerability via upload.php. The extension .php7 bypasses file upload restrictions.
CVSS Score: 8.8 | EPSS Score: 0.001 | Published: 2020-03-16
Contao before 4.5.7 has XSS in the system log.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2020-03-16
Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue.
CVSS Score: 6.5 | EPSS Score: 0.003 | Published: 2020-03-16
Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2020-03-16
Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.
CVSS Score: 5.3 | EPSS Score: 0.004 | Published: 2020-03-16
When TLS is enabled with ssl-endpoint-identification-enabled set to true, Apache Geode fails to perform hostname verification of the entries in the certificate SAN during the SSL handshake. This could compromise intra-cluster communication using a man-in-the-middle attack.
CVSS Score: 7.4 | EPSS Score: 0.001 | Published: 2020-03-16
HTTP methods revealed in Web services vulnerability in Micro Focus Service Manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data.
CVSS Score: 5.3 | EPSS Score: 0.004 | Published: 2020-03-16
Shodan ® - All rights reserved