Security Vulnerabilities
- CVEs Published In August 2023
Auth. (subscriber+) Stored Cross-Site Scripting vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.18 versions.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eji Osigwe DevBuddy Twitter Feed plugin <= 4.0.0 versions.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in John Newcombe eBecas plugin <= 3.1.3 versions.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cloud Primero B.V DBargain plugin <= 3.0.0 versions.
Path Traversal issue in M-Files Classic Web versions below 23.6.12695.3 and LTS Service Release Versions before 23.2 LTS SR3 allows an authenticated user to read some restricted files on the web server.
Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows an unauthenticated user to read a restricted amount of bytes from memory.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ono Oogami WP Chinese Conversion plugin <= 1.1.16 versions.
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but cannot control the system or disrupt service.
e-Excellence U-Office Force file uploading function does not restrict the upload of files with dangerous types. An unauthenticated remote attacker can exploit this vulnerability, without logging in to the service, to upload arbitrary files and perform arbitrary commands or disrupt service.
AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets.