Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-29374
A Cross-Site Scripting (XSS) vulnerability exists in the way MOODLE 3.10.9 handles user input within the "GET /?lang=" URL parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-03-21
CVE-2024-27964
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9.
CVSS Score
8.8
EPSS Score
0.008
Published
2024-03-21
CVE-2024-27965
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels Team WPFunnels allows Stored XSS.This issue affects WPFunnels: from n/a through 3.0.6.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-03-21
CVE-2024-27968
Cross-Site Request Forgery (CSRF) vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-21
CVE-2024-2578
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-03-21
CVE-2024-27190
Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2.
CVSS Score
4.3
EPSS Score
0.005
Published
2024-03-21
CVE-2024-27277
The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. IBM X-Force ID: 285205.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-21
CVE-2024-27956
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
CVSS Score
9.9
EPSS Score
0.933
Published
2024-03-21
CVE-2024-27962
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-21
CVE-2024-27963
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved