Shodan
Vulnerabilities
Vulnerable Software
Expressionengine:  >> Expressionengine  >> 5.4.2  Security Vulnerabilities
CVE-2024-38454
ExpressionEngine before 7.4.11 allows XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-06-16
CVE-2023-22953
In ExpressionEngine before 7.2.6, remote code execution can be achieved by an authenticated Control Panel user.
CVSS Score
8.8
EPSS Score
0.015
Published
2023-02-09
CVE-2021-33199
In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instead of the fixed file names of icon.png and icon.svg.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-08-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved