Shodan

218.107.10.213

Regular View Raw Data
Last Seen: 2024-07-11

GeneralInformation

Country China
City Shenzhen
Organization China Unicom Guangdong province network
ISP China Unicom Guangzhou network
ASN AS17622
Operating System Windows

WebTechnologies

JavaScript libraries
jQuery1.7.11.10.2
UI frameworks
Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts 

-405853547 | 2024-07-10T01:08:20.906137
80 / tcp 
-1286378445 | 2024-06-29T15:05:20.110781
5222 / tcp 
832963245 | 2024-07-11T00:56:59.605642
8086 / tcp 
-1095937323 | 2024-07-05T02:44:58.773773
8088 / tcp 
1026276147 | 2024-07-03T17:04:20.201776
8090 / tcp 
1334113749 | 2024-06-27T20:34:18.849724
8098 / tcp 
-75412213 | 2024-06-16T15:07:08.508644
8999 / tcp



Products
Pricing
Contact Us

Shodan ® - All rights reserved

\", which results in the enclosed script logic to be executed.","verified":false},"CVE-2019-11358":{"cvss":4.3,"ports":[8086,8088],"summary":"jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.","verified":false},"CVE-2015-9251":{"cvss":4.3,"ports":[8086,8088],"summary":"jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.","verified":false},"CVE-2012-6708":{"cvss":4.3,"ports":[8086],"summary":"jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.","verified":false},"CVE-2010-3972":{"cvss":10.0,"ports":[8086,8088,8098],"summary":"Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka \"IIS FTP Service Heap Buffer Overrun Vulnerability.\" NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2010-2730":{"cvss":9.3,"ports":[8086,8088,8098],"summary":"Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka \"Request Header Buffer Overflow Vulnerability.\"","verified":false},"CVE-2010-1899":{"cvss":4.3,"ports":[8086,8088,8098],"summary":"Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka \"IIS Repeated Parameter Request Denial of Service Vulnerability.\"","verified":false}}; setupBannerCve(); setupVulns(VULNS); })();