Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2024
CVE-2024-32337
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-04-17
CVE-2024-32338
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-04-17
CVE-2024-32339
Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-04-17
CVE-2024-32340
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module.
CVSS Score
9.6
EPSS Score
0.002
Published
2024-04-17
CVE-2024-32341
Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-04-17
CVE-2024-32342
A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-04-17
CVE-2024-32343
A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-04-17
CVE-2024-32344
A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-04-17
CVE-2024-32345
A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section.
CVSS Score
7.2
EPSS Score
0.001
Published
2024-04-17
CVE-2024-32743
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved