Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2024
CVE-2024-22282
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Torbert SimpleMap Store Locator allows Reflected XSS.This issue affects SimpleMap Store Locator: from n/a through 2.6.1.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-01-31
CVE-2024-22286
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-01-31
CVE-2024-22289
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Post views Stats allows Reflected XSS.This issue affects Post views Stats: from n/a through 1.3.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-01-31
CVE-2024-21888
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.
CVSS Score
8.8
EPSS Score
0.612
Published
2024-01-31
CVE-2024-21893
Known exploited
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
CVSS Score
8.2
EPSS Score
0.943
Published
2024-01-31
CVE-2024-22160
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bradley B. Dalina Image Tag Manager allows Reflected XSS.This issue affects Image Tag Manager: from n/a through 1.5.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-01-31
CVE-2024-22161
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS.This issue affects HD Quiz: from n/a through 1.8.11.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-01-31
CVE-2024-22162
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Shortcodes allows Reflected XSS.This issue affects WPZOOM Shortcodes: from n/a through 1.0.3.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-01-31
CVE-2023-50165
Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents.
CVSS Score
8.5
EPSS Score
0.001
Published
2024-01-31
CVE-2023-50166
Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-01-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved