Security Vulnerabilities - CVEs Published In October 2024
In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API
CVSS Score
5.4
EPSS Score
0.067
Published
2024-10-28
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest
CVSS Score
4.6
EPSS Score
0.177
Published
2024-10-28
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings
CVSS Score
4.6
EPSS Score
0.133
Published
2024-10-28
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuyNowDepot Advanced Online Ordering and Delivery Platform allows PHP Local File Inclusion. This issue affects Advanced Online Ordering and Delivery Platform: from n/a through 2.0.0.
CVSS Score
8.1
EPSS Score
0.007
Published
2024-10-28
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Climax Themes Kata Plus allows Stored XSS. This issue affects Kata Plus: from n/a through 1.4.7.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS. This issue affects Cozy Blocks: from n/a through 2.0.18.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-10-28
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection. This issue affects Woocommerce Quote Calculator: from n/a through 1.1.
CVSS Score
9.3
EPSS Score
0.003
Published
2024-10-28
Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation. This issue affects Meetup: from n/a through 0.1.
CVSS Score
9.8
EPSS Score
0.464
Published
2024-10-28
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass. This issue affects Token Login: from n/a through 1.0.3.
CVSS Score
8.8
EPSS Score
0.261
Published
2024-10-28
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Micah Blu RSVP ME allows SQL Injection. This issue affects RSVP ME: from n/a through 1.9.9.
CVSS Score
9.3
EPSS Score
0.223
Published
2024-10-28