Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2024
CVE-2024-31362
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31363
Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issue affects LifterLMS: from n/a through 7.5.0.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31818
Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary code via the page parameter of the kiosk.php component.
CVSS Score
9.8
EPSS Score
0.096
Published
2024-04-12
CVE-2024-3685
A vulnerability, which was classified as critical, was found in DedeCMS 5.7.112-UTF8. Affected is an unknown function of the file stepselect_main.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260472. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31293
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31301
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31268
Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-31269
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps.This issue affects Easy Google Maps: from n/a through 1.11.11.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-04-12
CVE-2024-25545
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a crafted script to the nwjs framework component.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-04-12
CVE-2024-27261
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the package was installed. IBM X-Force ID: 283986.
CVSS Score
6.4
EPSS Score
0.0
Published
2024-04-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved