Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-42613
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=install&widget=akismet
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42616
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=remove&widget=Statistics
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42617
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_config.php?action=save&var_id=32
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42618
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /module.php?module=karma
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42621
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_editor.php
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-35540
A stored cross-site scripting (XSS) vulnerability in Typecho v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
9.0
EPSS Score
0.087
Published
2024-08-20
CVE-2024-39690
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e., namespaces without the ownerReference field), thereby gaining control of that namespace. Version 0.7.1 contains a patch.
CVSS Score
8.4
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42369
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the 'leaveRoomChain()' method, so leaving a room will also trigger the bug. This was patched in matrix-js-sdk 34.3.1.
CVSS Score
4.1
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42603
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearall
CVSS Score
8.8
EPSS Score
0.002
Published
2024-08-20
CVE-2024-42604
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_group.php?mode=delete&group_id=3
CVSS Score
8.8
EPSS Score
0.003
Published
2024-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved