Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-27956
Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain sensitive information via the id parameter.
CVSS Score
7.5
EPSS Score
0.02
Published
2025-06-02
CVE-2025-45387
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-06-02
CVE-2025-23104
An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-02
CVE-2025-27953
An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-06-02
CVE-2025-44115
A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-06-02
CVE-2025-45542
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-06-02
CVE-2024-40113
Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-02
CVE-2024-40114
A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-06-02
CVE-2024-57459
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-06-02
CVE-2024-40112
A Local File Inclusion (LFI) vulnerability exists in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before, which allows an attacker to manipulate the "language" cookie to include arbitrary files from the server. This vulnerability can be exploited to disclose sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-06-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved