Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-32626
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Job Manager js-jobs allows SQL Injection.This issue affects JS Job Manager: from n/a through <= 2.0.2.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-04-17
CVE-2025-32526
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan James Zephyr Project Manager zephyr-project-manager allows Reflected XSS.This issue affects Zephyr Project Manager: from n/a through <= 3.3.101.
CVSS Score
6.1
EPSS Score
0.002
Published
2025-04-17
CVE-2025-29042
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c
CVSS Score
9.8
EPSS Score
0.072
Published
2025-04-17
CVE-2025-29043
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234
CVSS Score
9.8
EPSS Score
0.072
Published
2025-04-17
CVE-2025-24752
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Reflected XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.0.14.
CVSS Score
6.1
EPSS Score
0.026
Published
2025-04-17
CVE-2025-25457
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via cloneType2.
CVSS Score
7.5
EPSS Score
0.004
Published
2025-04-17
CVE-2025-24577
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.0.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-04-17
CVE-2024-55238
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.002
Published
2025-04-17
CVE-2024-56518
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be uploaded at the /cluster-connections URI.
CVSS Score
9.8
EPSS Score
0.02
Published
2025-04-17
CVE-2025-29046
Buffer Overflow vulnerability inALFA WiFi CampPro router ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the GAPSMinute3 key value
CVSS Score
9.8
EPSS Score
0.028
Published
2025-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved