Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2024
CVE-2024-25510
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/address_public_show.aspx.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-05-07
CVE-2024-25511
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/address_public_new.aspx.
CVSS Score
9.4
EPSS Score
0.001
Published
2024-05-07
CVE-2024-25513
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the file_id parameter at /CorporateCulture/kaizen_download.aspx.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-05-07
CVE-2024-25514
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the template_id parameter at /SysManage/wf_template_child_field_list.aspx.
CVSS Score
9.4
EPSS Score
0.001
Published
2024-05-07
CVE-2024-34314
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fetch_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary files.
CVSS Score
4.9
EPSS Score
0.002
Published
2024-05-07
CVE-2024-34315
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary files.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-05-07
CVE-2024-4558
Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
9.6
EPSS Score
0.026
Published
2024-05-07
CVE-2024-4559
Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
6.5
EPSS Score
0.003
Published
2024-05-07
CVE-2024-25507
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the email_attach_id parameter at /LHMail/AttachDown.aspx.
CVSS Score
9.4
EPSS Score
0.001
Published
2024-05-07
CVE-2024-25508
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /bulletin/bulletin_template_show.aspx.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved