Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-8518
A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.
CVSS Score
4.7
EPSS Score
0.001
Published
2025-08-04
CVE-2025-44960
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.
CVSS Score
8.5
EPSS Score
0.002
Published
2025-08-04
CVE-2025-44961
In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
CVSS Score
9.9
EPSS Score
0.001
Published
2025-08-04
CVE-2025-44962
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.
CVSS Score
5.0
EPSS Score
0.0
Published
2025-08-04
CVE-2025-44963
RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.
CVSS Score
9.0
EPSS Score
0.001
Published
2025-08-04
CVE-2025-51534
A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-08-04
CVE-2025-44954
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
CVSS Score
9.0
EPSS Score
0.001
Published
2025-08-04
CVE-2025-44957
Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
CVSS Score
8.5
EPSS Score
0.001
Published
2025-08-04
CVE-2025-44958
RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-04
CVE-2025-8517
A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to version 1.0.7 is recommended to address this issue. The patch is identified as d4b1e030066417b77d15b4ac505eed5ae7bf2c5e. You should upgrade the affected component.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-08-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved