Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2021
CVE-2020-36378
An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-10-31
CVE-2020-36379
An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-10-31
CVE-2020-36380
An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVSS Score
9.8
EPSS Score
0.012
Published
2021-10-31
CVE-2020-36381
An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-10-31
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) vulnerability which allows for an attacker to expose sensitive data or perform a denial of service (DOS) via a crafted external entity entered into the XML content as input.
CVSS Score
9.1
EPSS Score
0.003
Published
2021-10-31
CVE-2020-26707
An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath parameter.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-10-31
CVE-2020-36376
An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-10-31
CVE-2020-36377
An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-10-31
CVE-2020-25911
A XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to an information disclosure or denial of service (DOS).
CVSS Score
9.1
EPSS Score
0.01
Published
2021-10-31
CVE-2020-25912
A XML External Entity (XXE) vulnerability was discovered in symphony\lib\toolkit\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS).
CVSS Score
9.1
EPSS Score
0.003
Published
2021-10-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved