Security Vulnerabilities - CVEs Published In May 2023
IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213966.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2023-05-12

kodbox 1.2.x through 1.3.7 has a Sensitive Information Leakage issue.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2023-05-12

Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code.
CVSS Score: 6.1 | EPSS Score: 0.01 | Published: 2023-05-12

SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.
CVSS Score: 9.8 | EPSS Score: 0.028 | Published: 2023-05-12

Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2023-05-12

Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16.
CVSS Score: 6.8 | EPSS Score: 0.001 | Published: 2023-05-12

SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defaultframe/2.0/defaultframe_filter.php.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2023-05-12

Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find().
CVSS Score: 9.8 | EPSS Score: 0.502 | Published: 2023-05-12

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2023-05-11

Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Score: 7.8 | EPSS Score: 0.001 | Published: 2023-05-11

