Shodan
Vulnerabilities
Vulnerable Software
Phpkobo:  Security Vulnerabilities
CVE-2023-5313
A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-09-30
CVE-2023-41446
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component.
CVSS Score
6.1
EPSS Score
0.007
Published
2023-09-28
CVE-2023-41447
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component.
CVSS Score
6.1
EPSS Score
0.007
Published
2023-09-28
CVE-2023-41450
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.
CVSS Score
8.8
EPSS Score
0.03
Published
2023-09-28
CVE-2023-41448
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component.
CVSS Score
6.1
EPSS Score
0.006
Published
2023-09-27
CVE-2023-41449
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.
CVSS Score
9.8
EPSS Score
0.051
Published
2023-09-27
CVE-2023-41451
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.
CVSS Score
6.1
EPSS Score
0.007
Published
2023-09-27
CVE-2023-41452
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component.
CVSS Score
8.8
EPSS Score
0.023
Published
2023-09-27
CVE-2023-41453
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component.
CVSS Score
6.1
EPSS Score
0.009
Published
2023-09-27
CVE-2023-41445
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component.
CVSS Score
6.1
EPSS Score
0.007
Published
2023-09-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved