Security Vulnerabilities - CVEs Published In April 2024
A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section.
CVSS Score: 7.2 | EPSS Score: 0.001 | Published: 2024-04-17

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module.
CVSS Score: 5.5 | EPSS Score: 0.001 | Published: 2024-04-17

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module.
CVSS Score: 4.6 | EPSS Score: 0.001 | Published: 2024-04-17

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module.
CVSS Score: 5.9 | EPSS Score: 0.0 | Published: 2024-04-17

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module.
CVSS Score: 4.6 | EPSS Score: 0.001 | Published: 2024-04-17

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection.
CVSS Score: 5.7 | EPSS Score: 0.001 | Published: 2024-04-17

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.
CVSS Score: 8.1 | EPSS Score: 0.002 | Published: 2024-04-17

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2024-04-17

FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score: 5.3 | EPSS Score: 0.0 | Published: 2024-04-17

CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion.
CVSS Score: 4.3 | EPSS Score: 0.001 | Published: 2024-04-17

Shodan ® - All rights reserved