Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2025
CVE-2025-54654
Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality
CVSS Score
6.2
EPSS Score
0.0
Published
2025-10-11
CVE-2025-11590
A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing a manipulation of the argument ename can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVSS Score
2.1
EPSS Score
0.0
Published
2025-10-11
CVE-2025-9549
Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-10
CVE-2025-9550
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Facets allows Cross-Site Scripting (XSS).This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-10
CVE-2025-9551
Improper Restriction of Excessive Authentication Attempts vulnerability in Drupal Protected Pages allows Brute Force.This issue affects Protected Pages: from 0.0.0 before 1.8.0, from 7.X-1.0 before 7.X-2.5.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-10
CVE-2025-9552
Vulnerability in Drupal Synchronize composer.Json With Contrib Modules.This issue affects Synchronize composer.Json With Contrib Modules: *.*.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-10
CVE-2025-9553
Vulnerability in Drupal API Key manager.This issue affects API Key manager: *.*.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-10
CVE-2025-9554
Vulnerability in Drupal Owl Carousel 2.This issue affects Owl Carousel 2: *.*.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-10
CVE-2025-8093
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.8.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-10-10
CVE-2025-11626
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved