Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2023
CVE-2023-43892
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the Hostname parameter within the WAN settings. This vulnerability is exploited via a crafted payload.
CVSS Score
9.8
EPSS Score
0.03
Published
2023-10-02
CVE-2023-43893
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeup_mac parameter in the Wake-On-LAN (WoL) function. This vulnerability is exploited via a crafted payload.
CVSS Score
9.8
EPSS Score
0.024
Published
2023-10-02
CVE-2023-44011
An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component.
CVSS Score
9.8
EPSS Score
0.132
Published
2023-10-02
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component.
CVSS Score
6.1
EPSS Score
0.152
Published
2023-10-02
CVE-2023-43891
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the Changing Username and Password function. This vulnerability is exploited via a crafted payload.
CVSS Score
9.8
EPSS Score
0.024
Published
2023-10-02
CVE-2023-43267
A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-10-02
CVE-2023-43268
Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization vulnerability.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-02
CVE-2023-43297
An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-02
CVE-2023-43361
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-02
CVE-2023-43836
There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information
CVSS Score
6.5
EPSS Score
0.001
Published
2023-10-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved