Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2019
CVE-2011-4626
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-06
CVE-2011-4627
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-06
CVE-2011-4628
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-11-06
CVE-2011-4629
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-11-06
CVE-2011-4630
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browse_links wizard.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-11-06
CVE-2011-4631
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-11-06
CVE-2015-7276
Technicolor C2000T and C2100T uses hard-coded cryptographic keys.
CVSS Score
5.9
EPSS Score
0.003
Published
2019-11-06
CVE-2017-18639
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Parameter : Image Title, /Content/links Parameter : Link Title, /Content/links Parameter : Link Title, or /Content/Videos/LibraryVideos/default-video-library Parameter : Video Title.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-11-06
CVE-2019-18797
LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-11-06
CVE-2019-18798
LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-11-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved