Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2025-0540
A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /expadd.php. The manipulation of the argument expcat leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-01-17
CVE-2024-57035
WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /controle/control.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-01-17
CVE-2024-57252
OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can Read system files arbitrarily.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-01-17
CVE-2025-0538
A vulnerability, which was classified as problematic, was found in code-projects Tourism Management System 1.0. Affected is an unknown function of the file /admin/manage-pages.php. The manipulation of the argument pgedetails leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.001
Published
2025-01-17
CVE-2024-57033
WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-01-17
CVE-2025-21399
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
CVSS Score
7.4
EPSS Score
0.003
Published
2025-01-17
CVE-2025-21185
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
6.5
EPSS Score
0.005
Published
2025-01-17
CVE-2024-57034
WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-01-17
CVE-2024-57369
Clickjacking vulnerability in typecho v1.2.1.
CVSS Score
6.4
EPSS Score
0.001
Published
2025-01-17
CVE-2025-0536
A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_action.php. The manipulation of the argument attendance_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-01-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved