Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-42898
A cross-site scripting (XSS) vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page.
CVSS Score
5.4
EPSS Score
0.019
Published
2025-01-09
CVE-2024-13281
Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13282
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13283
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Facets allows Cross-Site Scripting (XSS).This issue affects Facets: from 0.0.0 before 2.0.9.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13284
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request Forgery.This issue affects Gutenberg: from 0.0.0 before 2.13.0, from 3.0.0 before 3.0.5.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13285
Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13286
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SVG Embed allows Cross-Site Scripting (XSS).This issue affects SVG Embed: from 0.0.0 before 2.1.2.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13287
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting (XSS).This issue affects Views SVG Animation: from 0.0.0 before 1.0.1.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-01-09
CVE-2024-13272
Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows Content Spoofing.This issue affects Paragraphs table: from 0.0.0 before 1.23.0, from 2.0.0 before 2.0.2.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-01-09
CVE-2024-13273
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Open Social allows Cross-Site Scripting (XSS).This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5, from 13.0.0 before 13.0.0-alpha11.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved