Shodan
Vulnerabilities
Vulnerable Software
Oretnom23:  Security Vulnerabilities
CVE-2023-49974
A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customer_support/index.php?page=customer_list.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-03-06
CVE-2023-49976
A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customer_support/index.php?page=new_ticket.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-03-06
CVE-2023-49977
A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customer_support/index.php?page=new_customer.
CVSS Score
5.4
EPSS Score
0.003
Published
2024-03-06
CVE-2023-33677
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*".
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-06
CVE-2022-46088
Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the feedback form.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-03-05
CVE-2023-49546
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php.
CVSS Score
8.8
EPSS Score
0.005
Published
2024-03-05
CVE-2023-49547
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username parameter at /customer_support/ajax.php?action=login.
CVSS Score
9.8
EPSS Score
0.063
Published
2024-03-05
CVE-2023-49548
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user.
CVSS Score
8.8
EPSS Score
0.005
Published
2024-03-05
CVE-2023-49968
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-03-05
CVE-2023-49969
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/index.php?page=edit_customer.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-03-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved