Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2024
CVE-2024-49615
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0.
CVSS Score
8.2
EPSS Score
0.001
Published
2024-10-20
CVE-2024-49616
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a through 1.0.
CVSS Score
8.5
EPSS Score
0.004
Published
2024-10-20
CVE-2024-47325
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows SQL Injection.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.7.
CVSS Score
8.5
EPSS Score
0.006
Published
2024-10-20
CVE-2024-49335
Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-10-20
CVE-2024-49605
Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-10-20
CVE-2024-49609
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through 0.2.2.
CVSS Score
8.5
EPSS Score
0.004
Published
2024-10-20
CVE-2024-44061
: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK VAT Manager for WooCommerce: from n/a through 2.12.14.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-10-20
CVE-2024-49624
Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-10-20
CVE-2024-49625
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0.
CVSS Score
9.8
EPSS Score
0.006
Published
2024-10-20
CVE-2024-49610
Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0.
CVSS Score
10.0
EPSS Score
0.004
Published
2024-10-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved