Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-40685
Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through theĀ 'searcstate' parameter in/state.php.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-07-29
CVE-2025-50485
Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-28
CVE-2025-50486
Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-28
CVE-2025-50484
Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-28
CVE-2025-50487
Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-28
CVE-2025-50491
Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank Locker Management System v1 allows attackers to execute a session hijacking attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-28
CVE-2025-50492
Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-28
CVE-2025-50488
Improper session invalidation in the component /library/change-password.php of PHPGurukul Online Library Management System v3.0 allows attackers to execute a session hijacking attack.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-28
CVE-2025-50489
Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-07-28
CVE-2025-54538
In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command
CVSS Score
5.5
EPSS Score
0.0
Published
2025-07-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved