Security Vulnerabilities - CVEs Published In August 2023
SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0 allows a remote attacker to execute arbitrary code, escalate privileges, and gain sensitive information via a crafted payload to the id parameter in manage_user.php.
CVSS Score
9.8
EPSS Score
0.011
Published
2023-08-11
An issue was discovered in wuzhicms version 4.1.0 that allows remote attackers to execute arbitrary code via the setting parameter to the ueditor in index.php.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-11
File Upload vulnerability in bloofoxCMS version 0.5.2.1 allows remote attackers to execute arbitrary code and escalate privileges via a crafted webshell file sent to the upload module.
CVSS Score
9.8
EPSS Score
0.016
Published
2023-08-11
SQL Injection vulnerability in cskaza cszcms version 1.2.9 allows attackers to gain sensitive information via the pm_sendmail parameter in csz_model.php.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-11
An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3 that allows remote attackers to cause a denial of service (DoS).
CVSS Score
7.5
EPSS Score
0.003
Published
2023-08-11
An issue was discovered in QPDF version 10.0.4 that allows remote attackers to execute arbitrary code via a crafted .pdf file to the Pl_ASCII85Decoder::write parameter in libqpdf.
CVSS Score
5.3
EPSS Score
0.003
Published
2023-08-11
Cross Site Scripting (XSS) vulnerability in the adm_user parameter in Gila CMS version 1.11.3 allows remote attackers to execute arbitrary code during the Gila CMS installation.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-08-11
Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6 allows remote attackers to escalate privileges and gain sensitive information via the sitemodel/add.html endpoint.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-11
Cross Site Scripting (XSS) vulnerability in the Name input field of the Contact Us form in Laborator Kalium before 3.0.4 allows remote attackers to execute arbitrary code.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-08-11
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0 that allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-11

