Security Vulnerabilities - CVEs Published In March 2023
An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.
CVSS Score: 4.3
EPSS Score: 0.021
Published: 2023-03-27
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Le Van Toan Woocommerce Vietnam Checkout plugin <= 2.0.4 versions.
CVSS Score: 7.1
EPSS Score: 0.001
Published: 2023-03-27
A high-privileged attacker may pass crafted arguments to the validate function of csaf-validator-lib of a locally installed Secvisogram in versions < 0.1.0, which can result in arbitrary code execution and DoS once the user triggers the validation.
CVSS Score: 6.5
EPSS Score: 0.0
Published: 2023-03-27
The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0 processes tests with unexpected names. This insufficient input validation of requests by an unauthenticated remote user might lead to a partial DoS of the service. Only the request of the attacker is affected by this vulnerability.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2023-03-27
An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets.
CVSS Score: 7.5
EPSS Score: 0.001
Published: 2023-03-27
Phpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter.
CVSS Score: 4.8
EPSS Score: 0.001
Published: 2023-03-27
Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter.
CVSS Score: 9.8
EPSS Score: 0.001
Published: 2023-03-27
db_convert.php in ScriptCase through 9.9.008 is vulnerable to Arbitrary File Deletion by an admin via a directory traversal sequence in the file parameter.
CVSS Score: 6.5
EPSS Score: 0.071
Published: 2023-03-27
Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords. This issue affects RCCMD: before 4.40 230207.
CVSS Score: 9.6
EPSS Score: 0.003
Published: 2023-03-27
The HGiga MailSherlock mail query function has a vulnerability of insufficient validation of user input. An authenticated remote attacker with administrator privilege can exploit this vulnerability to inject SQL commands to read, modify, and delete the database.
CVSS Score: 7.2
EPSS Score: 0.003
Published: 2023-03-27



Shodan ® - All rights reserved