Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2025
CVE-2025-25760
A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows attackers to access internal data and services via a crafted GET request.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-02-27
CVE-2025-25761
HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-02-27
CVE-2024-56811
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-02-27
CVE-2024-56812
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-02-27
CVE-2025-0759
IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-02-27
CVE-2024-54169
IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-02-27
CVE-2024-54170
IBM EntireX 11.1 could allow a local user to cause a denial of service due to use of a regular expression with an inefficient complexity that consumes excessive CPU cycles.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-02-27
CVE-2024-56493
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-02-27
CVE-2024-56494
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-02-27
CVE-2024-56495
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-02-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved