Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2023-2188
The Colibri Page Builder for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.0.227 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVSS Score
7.2
EPSS Score
0.003
Published
2023-08-31
CVE-2023-4652
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-08-31
CVE-2023-4653
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-31
CVE-2023-4654
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1.
CVSS Score
2.6
EPSS Score
0.0
Published
2023-08-31
CVE-2023-4655
Cross-site Scripting (XSS) - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-08-31
CVE-2023-4163
In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-31
CVE-2023-4649
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-08-31
CVE-2023-4650
Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-08-31
CVE-2023-4651
Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 prior to 2.16.1.
CVSS Score
6.4
EPSS Score
0.0
Published
2023-08-31
CVE-2023-31424
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization.
CVSS Score
8.1
EPSS Score
0.006
Published
2023-08-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved