Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2025
CVE-2025-25818
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the postStrVar function at article_save.php.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-02-26
CVE-2025-25823
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the article header at /admin/article.php.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-02-26
CVE-2025-25825
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Titile in the article category section.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-02-26
CVE-2025-25827
A Server-Side Request Forgery (SSRF) in the component sort.php of Emlog Pro v2.5.4 allows attackers to scan local and internal ports via supplying a crafted URL.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-02-26
CVE-2025-25791
An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-02-26
CVE-2025-25792
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php.
CVSS Score
4.4
EPSS Score
0.001
Published
2025-02-26
CVE-2025-25793
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_notify.php.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-02-26
CVE-2025-25794
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ping.php.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-02-26
CVE-2025-25796
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_template.php.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-02-26
CVE-2025-25797
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_smtp.php.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-02-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved