Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2024
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVSS Score
9.8
EPSS Score
0.128
Published
2024-07-22
CVE-2024-41317
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
CVSS Score
8.0
EPSS Score
0.023
Published
2024-07-22
CVE-2024-41318
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
CVSS Score
9.8
EPSS Score
0.164
Published
2024-07-22
CVE-2024-41320
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the get_apcli_conn_info function.
CVSS Score
8.8
EPSS Score
0.032
Published
2024-07-22
CVE-2024-38730
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor.This issue affects Magical Addons For Elementor: from n/a through 1.1.41.
CVSS Score
4.9
EPSS Score
0.001
Published
2024-07-22
CVE-2024-38755
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10.
CVSS Score
8.5
EPSS Score
0.059
Published
2024-07-22
CVE-2024-38759
Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-07-22
CVE-2024-38773
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17.
CVSS Score
9.3
EPSS Score
0.003
Published
2024-07-22
CVE-2024-38788
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bởi Admin 2020 UiPress lite allows SQL Injection.This issue affects UiPress lite: from n/a through 3.4.06.
CVSS Score
7.6
EPSS Score
0.029
Published
2024-07-22
CVE-2024-38701
Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-07-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved