Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-30622
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the mitInterface parameter from fromAddressNat function.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-03-29
CVE-2024-30623
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the page parameter from fromDhcpListClient function.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-03-29
CVE-2024-30624
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the urls parameter from saveParentControlInfo function.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-03-29
CVE-2024-30456
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-03-29
CVE-2024-30457
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF).This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.1.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-03-29
CVE-2024-30458
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOOCS – WooCommerce Currency Switcher.This issue affects WOOCS – WooCommerce Currency Switcher: from n/a through 1.4.1.7.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-03-29
CVE-2024-30483
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.1.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-03-29
CVE-2024-23449
An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-03-29
CVE-2023-6047
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS.This issue affects E-commerce Software: before 3.9.2.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-03-29
CVE-2023-6191
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egehan Security WebPDKS allows SQL Injection.This issue affects WebPDKS: through 20240329. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-03-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved