Security Vulnerabilities - CVEs Published In October 2023
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2023-10-03
QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.
CVSS Score: 8.8 | EPSS Score: 0.001 | Published: 2023-10-03
SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.
CVSS Score: 6.4 | EPSS Score: 0.002 | Published: 2023-10-03
Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1.
CVSS Score: 8.9 | EPSS Score: 0.001 | Published: 2023-10-03
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials.
CVSS Score: 5.3 | EPSS Score: 0.001 | Published: 2023-10-03
There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, which could allow them to execute arbitrary code as root.
CVSS Score: 10.0 | EPSS Score: 0.017 | Published: 2023-10-03
Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup.
CVSS Score: 4.3 | EPSS Score: 0.002 | Published: 2023-10-03
Cross-Site Request Forgery (CSRF) vulnerability in Trustindex.Io WP Testimonials plugin <= 1.4.2 versions.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2023-10-03
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin <= 2.2.8 versions.
CVSS Score: 5.4 | EPSS Score: 0.001 | Published: 2023-10-03
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.2.6 versions.
CVSS Score: 4.3 | EPSS Score: 0.001 | Published: 2023-10-03

