Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2023
CVE-2023-24729
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function.
CVSS Score
8.8
EPSS Score
0.009
Published
2023-03-15
CVE-2023-24730
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function.
CVSS Score
8.8
EPSS Score
0.009
Published
2023-03-15
CVE-2023-24731
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function.
CVSS Score
8.8
EPSS Score
0.008
Published
2023-03-15
CVE-2023-24732
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function.
CVSS Score
8.8
EPSS Score
0.008
Published
2023-03-15
CVE-2023-26084
The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable.
CVSS Score
3.7
EPSS Score
0.002
Published
2023-03-15
CVE-2022-45155
An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE Factory allows attackers that can influence the call to the service to delete files and directories on the system of the victim. This issue affects: SUSE openSUSE Factory obs-service-go_modules versions prior to 0.6.1.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-03-15
CVE-2023-0322
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS.This issue affects UNIS: before 28376.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-03-15
CVE-2022-47427
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-03-15
CVE-2023-25708
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin <= 8.2.7 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-03-15
CVE-2023-25709
Cross-Site Request Forgery (CSRF) vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.11 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-03-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved