Security Vulnerabilities
A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-11-18
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to achieve Remote Code Execution (RCE) on the affected system.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-11-18
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to achieve Remote Code Execution (RCE) on the affected system.
CVSS Score
6.7
EPSS Score
0.001
Published
2025-11-18
A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the viewing or modification of sensitive configuration data.
CVSS Score
5.8
EPSS Score
0.0
Published
2025-11-18
kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-18
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-11-18
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-11-18
Host Header Injection vulnerability in Backdrop CMS 1.32.1 allows attackers to manipulate the Host header in password reset requests, leading to redirects to malicious domains and potential session hijacking via cookie injection.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-18
kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-18
kishan0725 Hospital Management System v4 is vulnerable to SQL Injection in admin-panel1.php, specifically in the doctor-deletion logic. The application fails to properly sanitize or parameterize user-supplied input from the demail parameter before incorporating it directly into a dynamic SQL query.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-18