Security Vulnerabilities - CVEs Published In August 2023
An issue was discovered in the GetByte function in miniupnp ngiflib version 0.4 that allows local attackers to cause a denial of service (DoS) via a crafted .gif file (infinite loop).
CVSS Score: 5.5
EPSS Score: 0.0
Published: 2023-08-11

Buffer Overflow vulnerability in the jfif_decode() function in rockcarry ffjpeg through version 1.0.0 allows local attackers to execute arbitrary code due to an issue with ALIGN.
CVSS Score: 7.8
EPSS Score: 0.0
Published: 2023-08-11

Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1 allows attackers to gain sensitive information via audit logs.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2023-08-11

Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0 allows remote attackers to execute arbitrary code.
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2023-08-11

An issue was discovered in the attach parameter in GNOME Gmail version 2.5.4 that allows remote attackers to gain sensitive information via a crafted "mailto" link.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2023-08-11

Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0 allows remote attackers to execute arbitrary code and escalate privileges via a crafted .html file.
CVSS Score: 8.8
EPSS Score: 0.013
Published: 2023-08-11

SQL Injection vulnerability in the file Base_module_model.php in Daylight Studio FUEL-CMS version 1.4.9 allows remote attackers to execute arbitrary code via the col parameter to the function list_items.
CVSS Score: 8.8
EPSS Score: 0.018
Published: 2023-08-11

Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5 allows attackers to execute arbitrary code via a crafted user_login.
CVSS Score: 5.4
EPSS Score: 0.004
Published: 2023-08-11

Cross Site Scripting (XSS) vulnerability in the Query Report feature in Zoho ManageEngine Password Manager Pro version 11001 allows remote attackers to execute arbitrary code and steal cookies via a crafted JavaScript payload.
CVSS Score: 6.1
EPSS Score: 0.016
Published: 2023-08-11

Directory Traversal vulnerability in the delete function in admin.api.TemplateController in ZrLog version 2.1.15 allows remote attackers to delete arbitrary files and cause a denial of service (DoS).
CVSS Score: 9.1
EPSS Score: 0.011
Published: 2023-08-11

