Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2022
CVE-2022-2897
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-31
CVE-2022-2898
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.
CVSS Score
6.1
EPSS Score
0.0
Published
2022-08-31
CVE-2022-36201
Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-31
CVE-2022-36202
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-08-31
CVE-2022-36203
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-08-31
CVE-2022-36620
D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-08-31
CVE-2022-36571
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-08-31
CVE-2022-36580
An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-08-31
CVE-2022-36581
Online Ordering System v2.3.2 was discovered to contain a SQL injection vulnerability via the user_email parameter at /admin/login.php.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-31
CVE-2022-36582
An arbitrary file upload vulnerability in the component /php_action/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-08-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved