Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-29229
Missing authorization vulnerability in GetLiveViewPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
7.7
EPSS Score
0.001
Published
2024-03-28
CVE-2024-29228
Missing authorization vulnerability in GetStmUrlPath webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
7.7
EPSS Score
0.001
Published
2024-03-28
CVE-2024-29227
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Layout.LayoutSave webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to inject SQL commands via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-03-28
CVE-2023-52231
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-03-28
CVE-2023-52234
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-03-28
CVE-2024-30221
Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.1.1.
CVSS Score
5.4
EPSS Score
0.004
Published
2024-03-28
CVE-2024-29100
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4.
CVSS Score
9.1
EPSS Score
0.001
Published
2024-03-28
CVE-2024-30200
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 BEAR allows Reflected XSS.This issue affects BEAR: from n/a through 1.1.4.2.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-28
CVE-2024-29090
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4.
CVSS Score
6.8
EPSS Score
0.003
Published
2024-03-28
CVE-2024-28004
Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-03-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved