Shopbeat Shop Beat Media Player — known CVE vulnerabilities
Every CVE whose affected-product data names Shopbeat Shop Beat Media Player, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-36246 — CVSS 9.8 (critical): Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions.
CVE-2022-36247 — CVSS 9.1 (critical): Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za.
CVE-2022-36250 — CVSS 8.8 (high): Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery (CSRF).
CVE-2022-36244 — CVSS 5.4 (medium): Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting (XSS)…
CVE-2022-36249 — CVSS 5.4 (medium): Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite…
CVE-2022-36243 — CVSS 5.3 (medium): Shop Beat Solutions (pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za…