Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2024
CVE-2024-48825
Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.031
Published
2024-10-28
CVE-2024-48826
Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.031
Published
2024-10-28
CVE-2024-42930
PbootCMS 3.2.8 is vulnerable to URL Redirect.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-10-28
CVE-2024-48178
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg parameter.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-10-28
CVE-2024-48195
Cross Site Scripting vulnerability in eyouCMS v.1.6.7 allows a remote attacker to obtain sensitive information via a crafted script to the post parameter.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-10-28
CVE-2024-48196
An issue in eyouCMS v.1.6.7 allows a remote attacker to obtain sensitive information via a crafted script to the post parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-10-28
CVE-2024-50433
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor allows Stored XSS.This issue affects Sky Addons for Elementor: from n/a through 2.5.15.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28
CVE-2024-50437
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AyeCode GeoDirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through 2.3.80.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28
CVE-2024-50451
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28
CVE-2024-50458
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Stored XSS.This issue affects Advanced Sermons: from n/a through 3.4.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved