Security Vulnerabilities - CVEs Published In May 2024
htmly v2.9.6 was discovered to contain an arbitrary file deletion vulnerability via the delete_post() function at admin.php. This vulnerability allows attackers to delete arbitrary files via a crafted request.
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2024-05-14

Konga v0.14.9 is vulnerable to Cross Site Scripting (XSS) via the username parameter.
CVSS Score: 5.4 | EPSS Score: 0.003 | Published: 2024-05-14

OFCMS V1.1.2 is vulnerable to SQL Injection via the new table function.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2024-05-14

An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file inclusion.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2024-05-14

An issue was discovered in linqi before 1.4.0.1 on Windows. There is SSRF via Document template generation; i.e., via remote images in process creation, file inclusion, and PDF document generation via malicious JavaScript.
CVSS Score: 5.9 | EPSS Score: 0.001 | Published: 2024-05-14

An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/{GUID} endpoints.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2024-05-14

An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/DocumentTemplate/{GUID} XSS.
CVSS Score: 5.5 | EPSS Score: 0.003 | Published: 2024-05-14

An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.
CVSS Score: 4.8 | EPSS Score: 0.001 | Published: 2024-05-14

An issue was discovered in linqi before 1.4.0.1 on Windows. There is LDAP injection.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2024-05-14

A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization V2312 (All versions < V2312.0001). The affected applications contain a stack overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process.
CVSS Score: 7.8 | EPSS Score: 0.002 | Published: 2024-05-14

