Security Vulnerabilities - CVEs Published In May 2023
Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special characters for the NAS storage test function.
CVSS Score
8.8
EPSS Score
0.014
Published
2023-05-23
WebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-23
Stored Cross-Site Scripting (XSS) vulnerability in the add contact function of CiviCRM 5.59.alpha1 allows attackers to execute arbitrary code in the first/second name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-05-23
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote attackers to run arbitrary code via ValidationResult.aspx.
CVSS Score
9.8
EPSS Score
0.012
Published
2023-05-23
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted.
CVSS Score
9.1
EPSS Score
0.923
Published
2023-05-23
A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 API Manager before 4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter.
CVSS Score
6.1
EPSS Score
0.184
Published
2023-05-23
An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service (DoS) via running a crafted binary.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-05-23
A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands by supplying a crafted HTML file to the Upload software format function.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-23
The affected product is vulnerable to a stack-based buffer overflow which could lead to a denial of service or remote code execution.
CVSS Score
6.5
EPSS Score
0.006
Published
2023-05-22
The affected product exposes multiple sensitive data fields. An attacker can use the SNMP command to get the device MAC address and log in as admin.
CVSS Score
7.2
EPSS Score
0.001
Published
2023-05-22