Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-51502
Reflected Cross-Site Scripting (XSS) in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-08-01
CVE-2025-51504
Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via the last name field.
CVSS Score
7.6
EPSS Score
0.001
Published
2025-08-01
CVE-2025-44139
Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=upload_zip
CVSS Score
7.2
EPSS Score
0.001
Published
2025-08-01
CVE-2025-52327
SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file
CVSS Score
7.8
EPSS Score
0.0
Published
2025-08-01
CVE-2025-46018
CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to bypass payment authorization by disabling Bluetooth at a specific point during a transaction. This could result in unauthorized use of laundry services and potential financial loss.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-08-01
CVE-2025-41374
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-01
CVE-2025-41371
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb_v4/integra/html/view/acceso.php
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-01
CVE-2025-41372
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/informe_campo_entrevistas.php.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-01
CVE-2025-41373
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-01
CVE-2025-41370
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb/html/view/acceso.php.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-08-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved