Security Vulnerabilities
- CVEs Published In May 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin <= 1.0.2 versions.
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows an attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin <= 3.1.0 versions.
Improper Access Control in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unprivileged account via the REST interface.
Improper Access Control in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unprivileged account via the REST interface.
Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invoking several open file requests via the REST interface.
Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames via analysis of source code.
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.
Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with part numbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to log in to a valid user account via the REST interface.