Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-5913
Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-11-08
CVE-2023-46642
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions.
CVSS Score
4.8
EPSS Score
0.002
Published
2023-11-08
CVE-2023-46643
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-11-08
CVE-2023-47379
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-11-08
CVE-2023-5760
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an attacker to gain full local privilege escalation on the system.This issue affects Avast/Avg Antivirus: 23.8.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-11-08
CVE-2023-47397
WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-11-08
CVE-2023-5136
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-11-08
CVE-2023-5759
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.  
CVSS Score
7.5
EPSS Score
0.003
Published
2023-11-08
CVE-2023-45319
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner. 
CVSS Score
7.5
EPSS Score
0.004
Published
2023-11-08
CVE-2023-45849
An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason Geffner.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved