Security Vulnerabilities - CVEs Published In December 2024
ZZCMS 2023 was discovered to contain a SQL injection vulnerability in /q/show.php.
CVSS Score: 9.8
EPSS Score: 0.001
Published: 2024-12-02
An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal.
CVSS Score: 5.5
EPSS Score: 0.0
Published: 2024-12-02
A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries.
CVSS Score: 5.4
EPSS Score: 0.0
Published: 2024-12-02
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.
CVSS Score: 9.8
EPSS Score: 0.032
Published: 2024-12-02
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2024-12-02
rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide.
CVSS Score: 7.5
EPSS Score: 0.002
Published: 2024-12-02
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.
CVSS Score: 8.8
EPSS Score: 0.034
Published: 2024-12-02
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
CVSS Score: 8.8
EPSS Score: 0.059
Published: 2024-12-02
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
CVSS Score: 8.8
EPSS Score: 0.029
Published: 2024-12-02
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
CVSS Score: 8.8
EPSS Score: 0.034
Published: 2024-12-02

