Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2024
CVE-2024-22809
Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-04-22
CVE-2024-22811
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the Hostmot2 configuration cookie in the device memory.
CVSS Score
8.2
EPSS Score
0.002
Published
2024-04-22
CVE-2024-22813
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-04-22
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) via crafted commands.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-04-22
CVE-2024-29661
A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-04-22
CVE-2024-32681
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-04-22
CVE-2024-32682
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2.
CVSS Score
7.1
EPSS Score
0.003
Published
2024-04-22
CVE-2024-32684
Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-04-22
CVE-2024-32698
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leevio Happy Addons for Elementor allows Stored XSS.This issue affects Happy Addons for Elementor: from n/a through 3.10.4.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-04-22
CVE-2023-7252
The Tickera WordPress plugin before 3.5.2.5 does not prevent users from leaking other users' tickets.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved