Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2023
CVE-2023-49398
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49446
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49447
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49448
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/nav/delete.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-6180
The tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion. The set_ex_data function used by the library did not deallocate memory used by pre-existing data in memory each time after completing a TLS connection causing the program to consume more resources with each new connection.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-12-05
CVE-2023-6357
A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49372
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49373
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49374
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05
CVE-2023-49375
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-12-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved