Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-8003
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. The patch is identified as 45ac90d6d1f82716f77dbcdf8e7309c229080e3c. It is recommended to apply a patch to fix this issue.
CVSS Score
3.5
EPSS Score
0.001
Published
2024-08-20
CVE-2024-39094
Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42006
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42608
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/submit_page.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-6377
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-08-20
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-08-20
CVE-2024-42583
A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42584
A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42585
A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20
CVE-2024-42586
A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved