Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2018
CVE-2018-5288
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-01-08
CVE-2018-5289
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page.
CVSS Score
7.5
EPSS Score
0.111
Published
2018-01-08
CVE-2018-5290
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.
CVSS Score
7.5
EPSS Score
0.111
Published
2018-01-08
CVE-2018-5291
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.
CVSS Score
7.5
EPSS Score
0.111
Published
2018-01-08
CVE-2018-5292
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-08
CVE-2018-5293
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-08
CVE-2018-5294
In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-08
CVE-2018-5295
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-01-08
CVE-2018-5296
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-01-08
CVE-2017-5971
SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved