Security Vulnerabilities - CVEs Published In September 2021
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected versions of Jira Server or Data Center are before version 8.13.12, and from version 8.14.0 before 8.19.1.
CVSS Score: 7.2
EPSS Score: 0.007
Published: 2021-09-16
An issue in the BAT file parameters of PublicCMS v4.0 allows attackers to execute arbitrary code.
CVSS Score: 9.8
EPSS Score: 0.009
Published: 2021-09-15
An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file.
CVSS Score: 7.2
EPSS Score: 0.01
Published: 2021-09-15
CVE-2021-33044
Known exploited
An identity authentication bypass vulnerability was found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
CVSS Score: 9.8
EPSS Score: 0.943
Published: 2021-09-15
CVE-2021-33045
Known exploited
An identity authentication bypass vulnerability was found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
CVSS Score: 9.8
EPSS Score: 0.941
Published: 2021-09-15
Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.
CVSS Score: 7.5
EPSS Score: 0.003
Published: 2021-09-15
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score: 9.8
EPSS Score: 0.009
Published: 2021-09-15
An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score: 7.2
EPSS Score: 0.01
Published: 2021-09-15
An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file.
CVSS Score: 7.2
EPSS Score: 0.01
Published: 2021-09-15
A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module.
CVSS Score: 5.4
EPSS Score: 0.002
Published: 2021-09-15



Shodan ® - All rights reserved