Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2023
CVE-2023-44163
The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-28
CVE-2023-44164
The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-28
CVE-2023-44166
The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-28
CVE-2023-44174
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability.
CVSS Score
6.4
EPSS Score
0.001
Published
2023-09-28
CVE-2023-43013
Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attacker to dump all the contents of the database contents and bypass the login control.
CVSS Score
9.8
EPSS Score
0.0
Published
2023-09-28
CVE-2023-43740
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.
CVSS Score
8.8
EPSS Score
0.021
Published
2023-09-28
CVE-2023-44173
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-28
CVE-2023-4316
Zod in versions 3.21.0 up to and including 3.22.3 allows an attacker to perform a denial of service while validating emails.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-28
CVE-2023-5004
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
CVSS Score
9.8
EPSS Score
0.0
Published
2023-09-28
CVE-2023-5053
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
CVSS Score
9.8
EPSS Score
0.0
Published
2023-09-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved