Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.3%
CVSS Severity
CVSS v3 Score 9.1
Products affected by CVE-2024-25181
  • Vvveb » Vvvebjs » Version: 1.0
    cpe:2.3:a:vvveb:vvvebjs:1.0
  • Vvveb » Vvvebjs » Version: 1.1
    cpe:2.3:a:vvveb:vvvebjs:1.1
  • Vvveb » Vvvebjs » Version: 1.2
    cpe:2.3:a:vvveb:vvvebjs:1.2
  • Vvveb » Vvvebjs » Version: 1.2.1
    cpe:2.3:a:vvveb:vvvebjs:1.2.1
  • Vvveb » Vvvebjs » Version: 1.2.2
    cpe:2.3:a:vvveb:vvvebjs:1.2.2
  • Vvveb » Vvvebjs » Version: 1.3
    cpe:2.3:a:vvveb:vvvebjs:1.3
  • Vvveb » Vvvebjs » Version: 1.4
    cpe:2.3:a:vvveb:vvvebjs:1.4
  • Vvveb » Vvvebjs » Version: 1.4.1
    cpe:2.3:a:vvveb:vvvebjs:1.4.1
  • Vvveb » Vvvebjs » Version: 1.5
    cpe:2.3:a:vvveb:vvvebjs:1.5
  • Vvveb » Vvvebjs » Version: 1.6
    cpe:2.3:a:vvveb:vvvebjs:1.6
  • Vvveb » Vvvebjs » Version: 1.7
    cpe:2.3:a:vvveb:vvvebjs:1.7
  • Vvveb » Vvvebjs » Version: 1.7.1
    cpe:2.3:a:vvveb:vvvebjs:1.7.1
  • Vvveb » Vvvebjs » Version: 1.7.2
    cpe:2.3:a:vvveb:vvvebjs:1.7.2
  • Vvveb » Vvvebjs » Version: 1.7.3
    cpe:2.3:a:vvveb:vvvebjs:1.7.3
  • Vvveb » Vvvebjs » Version: 1.7.4
    cpe:2.3:a:vvveb:vvvebjs:1.7.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved