Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-29456
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the create Notes function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29457
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.
CVSS Score
7.6
EPSS Score
0.003
Published
2025-04-17
CVE-2025-29458
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.
CVSS Score
7.6
EPSS Score
0.003
Published
2025-04-17
CVE-2025-29459
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.
CVSS Score
7.6
EPSS Score
0.003
Published
2025-04-17
CVE-2025-29460
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.
CVSS Score
7.6
EPSS Score
0.002
Published
2025-04-17
CVE-2025-29461
An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the /bid/1/admin/entry-edit/ path.
CVSS Score
7.6
EPSS Score
0.003
Published
2025-04-17
CVE-2024-42178
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution.
CVSS Score
2.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29453
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29449
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17
CVE-2025-29450
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved