Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2023
CVE-2020-19559
An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary code via a crafted payload to the ResolveMethod() parameter.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-09-11
CVE-2023-31067
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.
CVSS Score
9.8
EPSS Score
0.019
Published
2023-09-11
CVE-2023-31068
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.
CVSS Score
9.8
EPSS Score
0.015
Published
2023-09-11
CVE-2023-31069
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.
CVSS Score
9.8
EPSS Score
0.011
Published
2023-09-11
CVE-2023-39067
Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allows an attacker to execute arbitrary code via a crafted script to the URL.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-09-11
CVE-2023-41593
Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters.
CVSS Score
5.4
EPSS Score
0.003
Published
2023-09-11
CVE-2023-41609
An open redirect vulnerability in the sanitize_url() parameter of CouchCMS v2.3 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-09-11
CVE-2020-19318
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-09-11
CVE-2023-30058
novel-plus 3.6.2 is vulnerable to SQL Injection.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-11
CVE-2023-41000
GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in bifs/memory_decoder.c.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-09-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved