Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-50722
Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component
CVSS Score
9.8
EPSS Score
0.004
Published
2025-08-25
CVE-2025-55409
FoxCMS 1.2.6, there is a Cross Site Scripting vulnerability in /index.php/article. This allows attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-25
CVE-2025-55574
Cross Site Scripting vulnerability in docmost v.0.21.0 and before allows an attacker to execute arbitrary code
CVSS Score
6.1
EPSS Score
0.0
Published
2025-08-25
CVE-2025-29523
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function.
CVSS Score
7.2
EPSS Score
0.003
Published
2025-08-25
CVE-2025-56216
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the pagetitle parameter.
CVSS Score
8.5
EPSS Score
0.0
Published
2025-08-25
CVE-2025-53510
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-08-25
CVE-2025-56212
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-25
CVE-2025-56214
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-08-25
CVE-2025-56215
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-25
CVE-2025-51281
D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. This vulnerability allows authenticated attackers to cause a Denial of Service (DoS) by sending crafted GET requests with overly long values for these parameters.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-08-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved