Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2024
CVE-2024-45260
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. Users who belong to unauthorized groups can invoke any interface of the device, thereby gaining complete control over it.
CVSS Score
8.0
EPSS Score
0.036
Published
2024-10-24
CVE-2024-45259
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. By intercepting an HTTP request and changing the filename property in the download interface, any file on the device can be deleted.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-10-24
CVE-2024-48427
A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id
CVSS Score
8.8
EPSS Score
0.134
Published
2024-10-24
CVE-2024-48454
An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component
CVSS Score
7.2
EPSS Score
0.02
Published
2024-10-24
CVE-2024-46995
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue.
CVSS Score
6.1
EPSS Score
0.006
Published
2024-10-24
CVE-2024-46996
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue.
CVSS Score
6.3
EPSS Score
0.007
Published
2024-10-24
CVE-2024-46998
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue.
CVSS Score
7.1
EPSS Score
0.008
Published
2024-10-24
CVE-2024-46994
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue.
CVSS Score
5.4
EPSS Score
0.007
Published
2024-10-24
CVE-2024-46478
HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-10-24
CVE-2024-38314
IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-10-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved