Security Vulnerabilities - CVEs Published In June 2023
SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the _userlist function in framerwork/phpok_call.php file.
CVSS Score: 7.5
EPSS Score: 0.0
Published: 2023-06-20
File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self component.
CVSS Score: 9.8
EPSS Score: 0.012
Published: 2023-06-20
CVE-2023-2533
Known exploited
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code. This could be exploited if the target is an admin with a current login session. Exploiting this would typically involve the possibility of deceiving an admin into clicking a specially crafted malicious link, potentially leading to unauthorized changes.
CVSS Score: 8.4
EPSS Score: 0.578
Published: 2023-06-20
Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt.
CVSS Score: 9.8
EPSS Score: 0.001
Published: 2023-06-20
Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.
CVSS Score: 9.8
EPSS Score: 0.632
Published: 2023-06-20
File upload vulnerability in ebCMS v.1.1.0 allows a remote attacker to execute arbitrary code via the upload type parameter.
CVSS Score: 8.8
EPSS Score: 0.008
Published: 2023-06-20
Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the qu-multi-fillblank!answers.action file.
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2023-06-20
Buffer Overflow vulnerability in Antirez Kilo before commit 7709a04ae8520c5b04d261616098cebf742f5a23 allows a remote attacker to cause a denial of service via the editorUpdateRow function in kilo.c.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2023-06-20
SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/content.php.
CVSS Score: 9.8
EPSS Score: 0.006
Published: 2023-06-20
SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php.
CVSS Score: 7.2
EPSS Score: 0.005
Published: 2023-06-20

