Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-29461
An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the /bid/1/admin/entry-edit/ path.
CVSS Score
7.6
EPSS Score
0.002
Published
2025-04-17
CVE-2024-42178
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution.
CVSS Score
2.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29453
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29449
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29450
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29451
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Mail Setting component.
CVSS Score
7.6
EPSS Score
0.002
Published
2025-04-17
CVE-2025-29452
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Proxy Manager component.
CVSS Score
7.6
EPSS Score
0.002
Published
2025-04-17
CVE-2025-29454
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Upload function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29455
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Travel Ideas" function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-3764
A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This vulnerability affects unknown code of the file /edit-product.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved