Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2024
CVE-2023-51409
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98.
CVSS Score
10.0
EPSS Score
0.927
Published
2024-04-12
CVE-2024-29461
An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote attacker to cause a denial of service via the datapath id component.
CVSS Score
6.3
EPSS Score
0.006
Published
2024-04-12
CVE-2024-30845
Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-04-12
CVE-2024-31839
Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component.
CVSS Score
4.8
EPSS Score
0.353
Published
2024-04-12
CVE-2024-31362
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31363
Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issue affects LifterLMS: from n/a through 7.5.0.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31818
Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary code via the page parameter of the kiosk.php component.
CVSS Score
9.8
EPSS Score
0.096
Published
2024-04-12
CVE-2024-3685
A vulnerability, which was classified as critical, was found in DedeCMS 5.7.112-UTF8. Affected is an unknown function of the file stepselect_main.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260472. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31293
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31301
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved