Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2020
CVE-2018-17572
InfluxDB 0.9.5 has Reflected XSS in the Write Data module.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-03-02
CVE-2018-19599
Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-03-02
CVE-2018-19658
The Markdown editor in YXBJ before 8.3.2 on macOS has stored XSS. This behavior may be encountered by some Evernote users; however, it is a vulnerability in YXBJ, not a vulnerability in Evernote.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-03-02
CVE-2018-15819
EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-03-02
CVE-2018-15820
EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GDN parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-03-02
CVE-2020-8437
The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.207
Published
2020-03-02
CVE-2020-8776
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file.
CVSS Score
5.4
EPSS Score
0.009
Published
2020-03-02
CVE-2020-8777
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document.
CVSS Score
5.4
EPSS Score
0.007
Published
2020-03-02
CVE-2020-8778
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project.
CVSS Score
5.4
EPSS Score
0.009
Published
2020-03-02
CVE-2019-19370
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the file upload interface. A successful exploit could allow an attacker to execute arbitrary scripts.
CVSS Score
6.1
EPSS Score
0.008
Published
2020-03-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved