Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-8173
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-08-26
CVE-2024-43967
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-08-26
CVE-2024-44549
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-08-26
CVE-2024-44550
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-26
CVE-2024-44551
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-26
CVE-2024-44552
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-08-26
CVE-2024-44553
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-26
CVE-2024-44555
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-26
CVE-2024-44557
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-08-26
CVE-2024-42788
A Stored Cross Site Scripting (XSS) vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via "title" & "artist" parameter fields.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-08-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved