Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2023
CVE-2023-1909
A vulnerability, which was classified as critical, was found in PHPGurukul BP Monitoring Management System 1.0. Affected is an unknown function of the file profile.php of the component User Profile Update Handler. The manipulation of the argument name/mobno leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225318 is the identifier assigned to this vulnerability.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-04-07
CVE-2023-28706
Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.
CVSS Score
9.8
EPSS Score
0.01
Published
2023-04-07
CVE-2023-28707
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.This issue affects Apache Airflow Drill Provider: before 2.3.2.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-04-07
CVE-2023-28710
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-04-07
CVE-2023-28781
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-07
CVE-2023-28789
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-07
CVE-2023-28792
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-07
CVE-2023-29170
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product Enquiry for WooCommerce, WooCommerce product catalog plugin <= 2.2.12 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-07
CVE-2023-29171
Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-07
CVE-2023-29172
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.46 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved