Security Vulnerabilities - CVEs Published In October 2020
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
CVSS Score
9.1
EPSS Score
0.033
Published
2020-10-02
GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php.
CVSS Score
9.1
EPSS Score
0.052
Published
2020-10-02
In PluXml V5.7, the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.
CVSS Score
7.2
EPSS Score
0.006
Published
2020-10-02
class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modifying the configuration file in a Linux environment.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-10-02
Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.
CVSS Score
7.5
EPSS Score
0.009
Published
2020-10-02
All versions of package safetydance are vulnerable to Prototype Pollution via the set function.
CVSS Score
7.3
EPSS Score
0.004
Published
2020-10-02
All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement, safeLoad().
CVSS Score
8.3
EPSS Score
0.008
Published
2020-10-02
A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. This can lead to denial-of-service. This issue affects: Bitdefender Engines version 7.84897 and prior versions.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-10-02
The package bmoor before 0.8.12 is vulnerable to Prototype Pollution via the set function.
CVSS Score
7.3
EPSS Score
0.008
Published
2020-10-02
Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-10-02