Shodan
Vulnerabilities
Vulnerable Software
Whitebearsolutions:  Security Vulnerabilities
CVE-2024-3795
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/BackupTemplate, name / description fields. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.002
Published
2024-05-14
CVE-2024-3796
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/BackupSchedule, description field. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-05-14
CVE-2024-3793
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/CloudAccounts, account name / user password / server fields, all parameters. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.002
Published
2024-05-14
CVE-2024-3794
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/AdvancedSystem, description field, all parameters. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.002
Published
2024-05-14
CVE-2024-3792
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/DeviceReplication, execution range field, all parameters. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.005
Published
2024-05-14
CVE-2024-3790
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/SystemUsers, login / description fields, passwd1/ passwd2 parameters. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-05-14
CVE-2024-3791
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/SystemConfiguration, name / free memory limit fields , type / password parameters. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.
CVSS Score
4.8
EPSS Score
0.002
Published
2024-05-14
CVE-2024-3787
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 disks (/admin/DeviceS3). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVSS Score
6.6
EPSS Score
0.016
Published
2024-05-14
CVE-2024-3788
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through License (/admin/CDPUsers). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVSS Score
6.6
EPSS Score
0.007
Published
2024-05-14
CVE-2024-3789
Uncontrolled resource consumption vulnerability in White Bear Solutions WBSAirback, version 21.02.04. This vulnerability could allow an attacker to send multiple command injection payloads to influence the amount of resources consumed.
CVSS Score
6.5
EPSS Score
0.005
Published
2024-05-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved