Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2021
CVE-2021-40921
Cross-site scripting (XSS) vulnerability in _contactform.inc.php in Detector 0.8.5 and below version allows remote attackers to inject arbitrary web script or HTML via the cid parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-10-01
CVE-2021-40922
Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the last_name parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40923
Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the email parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40924
Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the first_name parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40925
Cross-site scripting (XSS) vulnerability in dompdf/dompdf/www/demo.php infaveo-helpdesk v1.11.0 and below allow remote attackers to inject arbitrary web script or HTML via the $_SERVER["PHP_SELF"] parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40926
Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40927
Cross-site scripting (XSS) vulnerability in callback.php in Spotify-for-Alfred 0.13.9 and below allows remote attackers to inject arbitrary web script or HTML via the error parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40928
Cross-site scripting (XSS) vulnerability in index.php in FlexTV beta development version allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-01
CVE-2021-40968
Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter.
CVSS Score
6.1
EPSS Score
0.013
Published
2021-10-01
CVE-2021-40969
Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter.
CVSS Score
6.1
EPSS Score
0.013
Published
2021-10-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved