Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-53441
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Greeny greeny allows PHP Local File Inclusion.This issue affects Greeny: from n/a through <= 2.6.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
CVE-2025-53442
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rentic rentic allows PHP Local File Inclusion.This issue affects Rentic: from n/a through <= 1.1.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
CVE-2025-53435
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Plan My Day planmyday allows PHP Local File Inclusion.This issue affects Plan My Day: from n/a through <= 1.1.13.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
CVE-2025-14318
Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-18
CVE-2025-47350
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
CVE-2025-47372
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
CVSS Score
9.0
EPSS Score
0.0
Published
2025-12-18
CVE-2025-47325
Information disclosure while processing system calls with invalid parameters.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-18
CVE-2025-68461
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-12-18
CVE-2025-68460
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a information disclosure vulnerability in the HTML style sanitizer.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-12-18
CVE-2025-14856
A security vulnerability has been detected in y_project RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-12-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved