Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2019
CVE-2014-6420
Cross-site scripting (XSS) vulnerability in Livefyre LiveComments 3.0 allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded picture.
CVSS Score
6.1
EPSS Score
0.009
Published
2019-12-27
CVE-2012-4980
Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code.
CVSS Score
7.8
EPSS Score
0.009
Published
2019-12-27
CVE-2014-3136
Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev. Ax) with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.009
Published
2019-12-27
CVE-2014-4535
Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.
CVSS Score
6.1
EPSS Score
0.038
Published
2019-12-27
CVE-2014-4536
Multiple cross-site scripting (XSS) vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter.
CVSS Score
6.1
EPSS Score
0.026
Published
2019-12-27
CVE-2014-4550
Cross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter.
CVSS Score
6.1
EPSS Score
0.027
Published
2019-12-27
CVE-2014-4544
Cross-site scripting (XSS) vulnerability in the Podcast Channels plugin 0.20 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the Filename parameter to getid3/demos/demo.write.php.
CVSS Score
6.1
EPSS Score
0.026
Published
2019-12-27
CVE-2014-4548
Cross-site scripting (XSS) vulnerability in tinymce/popup.php in the Ruven Toolkit plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the popup parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-12-27
CVE-2014-4558
Cross-site scripting (XSS) vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.
CVSS Score
6.1
EPSS Score
0.106
Published
2019-12-27
CVE-2014-4567
Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-12-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved