Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2023
CVE-2023-1150
Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-06-26
CVE-2023-28991
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin <= 3.0.19 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-06-26
CVE-2023-28992
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP Coupon Affiliates – WooCommerce Affiliate Plugin plugin <= 5.4.3 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-06-26
CVE-2023-29093
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PI Websolution Conditional cart fee plugin <= 1.0.96 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-06-26
CVE-2023-28988
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin <= 2.1.48 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-06-26
CVE-2023-36662
The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-06-26
CVE-2023-36675
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, and 1.39.x before 1.39.4. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.
CVSS Score
6.1
EPSS Score
0.006
Published
2023-06-26
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-06-25
CVE-2023-36661
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
CVSS Score
7.5
EPSS Score
0.524
Published
2023-06-25
CVE-2023-36664
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
CVSS Score
7.8
EPSS Score
0.077
Published
2023-06-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved