Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2023
CVE-2023-45844
The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android application and leverage it to have access to critical device settings such as the device power management or eventually the device secure settings (ADB debug).
CVSS Score
7.3
EPSS Score
0.001
Published
2023-10-25
CVE-2023-45851
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker without enforcing any server authentication.  This issue allows an attacker to force the Android Client application to connect to a malicious MQTT broker, enabling it to send fake messages to the HMI device
CVSS Score
8.8
EPSS Score
0.001
Published
2023-10-25
CVE-2023-45990
Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows a remote attacker to escalate privileges.
CVSS Score
8.0
EPSS Score
0.01
Published
2023-10-25
CVE-2023-46010
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-46068
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XQueue GmbH Maileon for WordPress plugin <= 2.16.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-10-25
CVE-2023-46069
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Osmansorkar Ajax Archive Calendar plugin <= 2.6.7 versions.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-10-25
CVE-2023-46070
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Emmanuel GEORJON EG-Attachments plugin <= 2.1.3 versions.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-10-25
CVE-2023-46071
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ClickDatos Protección de Datos RGPD plugin <= 3.1.0 versions.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-10-25
CVE-2023-45755
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BuddyBoss BuddyPress Global Search plugin <= 1.2.1 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-10-25
CVE-2023-45756
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline – Application Form Builder and Manager plugin <= 2.5.2 versions.
CVSS Score
7.1
EPSS Score
0.002
Published
2023-10-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved