Security Vulnerabilities - CVEs Published In May 2024
PHPGurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-05-28
TCPDF versions 6.6.5 and earlier are vulnerable to ReDoS (Regular Expression Denial of Service) when parsing an untrusted SVG file.
CVSS Score
7.5
EPSS Score
0.103
Published
2024-05-28
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-05-28
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-05-28
An arbitrary file upload vulnerability in /dede/file_manage_control.php of DedeCMS v5.7.114 allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-05-28
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-05-28
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions, which could lead to a denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-05-28
An issue discovered in D-Link DI-7003GV2 routers allows attackers to hijack TCP sessions, which could lead to a denial of service.
CVSS Score
5.7
EPSS Score
0.001
Published
2024-05-28
An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under the vShare web site section. A remote user, authenticated to the product, can arbitrarily upload potentially dangerous files without restrictions.
CVSS Score
8.8
EPSS Score
0.016
Published
2024-05-28
CVE-2024-24919
Known exploited
Potentially allows an attacker to read certain information on Check Point Security Gateways that are connected to the internet and have Remote Access VPN or Mobile Access Software Blades enabled. A security fix that mitigates this vulnerability is available.
CVSS Score
8.6
EPSS Score
0.943
Published
2024-05-28


Shodan ® - All rights reserved