Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2023-35657
In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bounds read due to type confusion. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
4.0
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41058
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/row_manager.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41059
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/tablesorter.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41060
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/tree.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41061
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/uploadify.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41062
A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 'page' parameter in /apprain/developer/addons.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41063
A vulnerability has been discovered in version 4.0.5 of appRain CMF, consisting of an authenticated reflected XSS due to a lack of proper validation of user input, through the 's' parameter in /apprain/developer/debug-log/db.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41052
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/canvasjs.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41053
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/commonresource.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04
CVE-2025-41054
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Addon][layouts]' and 'data[Addon][layouts_except]' parameters in /apprain/developer/addons/update/cycle.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved