Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-38130
Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system.
CVSS Score
8.1
EPSS Score
0.011
Published
2023-11-17
CVE-2023-42428
Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to delete directories and files in the system.
CVSS Score
6.5
EPSS Score
0.016
Published
2023-11-17
CVE-2023-47283
Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to obtain files in the system.
CVSS Score
4.9
EPSS Score
0.003
Published
2023-11-17
CVE-2023-47675
CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.
CVSS Score
7.2
EPSS Score
0.008
Published
2023-11-17
CVE-2023-48655
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-17
CVE-2023-48656
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-17
CVE-2023-48657
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-17
CVE-2023-48658
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-17
CVE-2023-48659
An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-17
CVE-2023-48648
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified.
CVSS Score
9.8
EPSS Score
0.007
Published
2023-11-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved