Security Vulnerabilities - CVEs Published In May 2024
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Remarks input field.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2024-05-28
An arbitrary file upload vulnerability in /dede/file_manage_control.php of DedeCMS v5.7.114 allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2024-05-28
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field.
CVSS Score: 6.1 | EPSS Score: 0.005 | Published: 2024-05-28
An issue discovered in Ruijie EG210G-P, Ruijie EG105G-V2, Ruijie NBR, and Ruijie EG105G routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2024-05-28
An issue discovered in D-Link DI-7003GV2 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVSS Score: 5.7 | EPSS Score: 0.001 | Published: 2024-05-28
An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under the vShare web site section. A remote user, authenticated to the product, can arbitrarily upload potentially dangerous files without restrictions.
CVSS Score: 8.8 | EPSS Score: 0.013 | Published: 2024-05-28
CVE-2024-24919
Known exploited
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
CVSS Score: 8.6 | EPSS Score: 0.943 | Published: 2024-05-28
An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2024-05-28
Incorrect access control in the account management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to alter user and administrator accounts credentials via HTTP POST request.
CVSS Score: 7.3 | EPSS Score: 0.008 | Published: 2024-05-28
Incorrect access control in the account management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to read user and administrator accounts passwords via HTTP GET request.
CVSS Score: 7.3 | EPSS Score: 0.008 | Published: 2024-05-28