Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-47582
Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-15
CVE-2023-47583
Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file (X1 or V9 file), information may be disclosed and/or arbitrary code may be executed.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-11-15
CVE-2023-47584
Out-of-bounds write vulnerability exists in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier. If a user opens a specially crafted VPR file, information may be disclosed and/or arbitrary code may be executed.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-15
CVE-2023-47585
Out-of-bounds read vulnerability exists in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier. If a user opens a specially crafted VPR file, information may be disclosed and/or arbitrary code may be executed.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-15
CVE-2023-47586
Multiple heap-based buffer overflow vulnerabilities exist in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier. If a user opens a specially crafted VPR file, information may be disclosed and/or arbitrary code may be executed.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-15
CVE-2023-40923
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and save_setting parameters.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-15
CVE-2023-41597
EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /admin/twitter.php?active_t.
CVSS Score
6.1
EPSS Score
0.131
Published
2023-11-15
CVE-2023-47445
Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-11-15
CVE-2023-47446
Pre-School Enrollment version 1.0 is vulnerable to Cross Site Scripting (XSS) on the profile.php page via fullname parameter.
CVSS Score
5.4
EPSS Score
0.005
Published
2023-11-15
CVE-2023-5984
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow modified firmware to be uploaded when an authorized admin user begins a firmware update procedure which could result in full control over the device.
CVSS Score
7.2
EPSS Score
0.0
Published
2023-11-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved