Security Vulnerabilities - CVEs Published In December 2023
The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor.
CVSS Score: 8.8
EPSS Score: 0.002
Published: 2023-12-26
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files.
CVSS Score: 6.5
EPSS Score: 0.004
Published: 2023-12-26
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions when uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution.
CVSS Score: 8.8
EPSS Score: 0.014
Published: 2023-12-26
resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. (File overwrite hasn't been possible with the code available in GitHub in recent years, however.)
CVSS Score: 8.1
EPSS Score: 0.001
Published: 2023-12-26
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.
CVSS Score: 9.8
EPSS Score: 0.001
Published: 2023-12-26
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler.
CVSS Score: 9.8
EPSS Score: 0.072
Published: 2023-12-26
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.
CVSS Score: 9.8
EPSS Score: 0.162
Published: 2023-12-26
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo.
CVSS Score: 9.8
EPSS Score: 0.001
Published: 2023-12-26
Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet.
CVSS Score: 9.8
EPSS Score: 0.002
Published: 2023-12-26
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing.
CVSS Score: 9.8
EPSS Score: 0.003
Published: 2023-12-26

