Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2023-47295
A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-06-23
CVE-2023-47032
Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-06-23
CVE-2025-52875
In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
CVSS Score
5.4
EPSS Score
0.001
Published
2025-06-23
CVE-2025-52876
In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible
CVSS Score
5.4
EPSS Score
0.001
Published
2025-06-23
CVE-2025-52877
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
CVSS Score
4.8
EPSS Score
0.0
Published
2025-06-23
CVE-2025-52878
In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-23
CVE-2025-52879
In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
CVSS Score
4.8
EPSS Score
0.0
Published
2025-06-23
CVE-2023-47298
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-23
CVE-2023-47297
A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-06-23
CVE-2025-6503
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved