CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-6228

Malware in sbrugna...

6.8CVSS6.6AI score0.00137EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 3:55 p.m.•7 views

CVE-2020-14069

An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php...

6.8CVSS8.1AI score0.00137EPSS

Exploits0

Cvelist•added 2021/01/04 2:5 a.m.•9 views

CVE-2021-21495

MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executarcentral.php?acao=altsenhaprinc URI...

9.1AI score0.0021EPSS

Exploits1References2

CNNVD•added 2021/01/02 12:0 a.m.•2 views

MK-AUTH Security Vulnerability

MK-AUTH is an access control system by the individual developer Pedro Filho in Brazil. A security vulnerability exists in MK-AUTH version 19.01 K4.9 and earlier versions, which allows remote attackers to obtain sensitive information such as CPF numbers to the central recibo.php URI via a modified...

4.3CVSS5.8AI score0.00293EPSS

Exploits0References3

NVD•added 2020/06/29 5:15 p.m.•8 views

CVE-2020-14072

An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts...

10CVSS0.01449EPSS

Exploits0References2

NVD•added 2020/06/29 5:15 p.m.•7 views

CVE-2020-14071

An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an attacker to execute arbitrary JavaScript code...

6.1CVSS0.00421EPSS

Exploits0References2

Prion•added 2020/06/29 5:15 p.m.•9 views

Sql injection

4.6CVSS7.2AI score0.00137EPSS

Exploits0References2Affected Software1

Prion•added 2020/06/29 5:15 p.m.•14 views

Sql injection

An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executarlogin.php...

7.5CVSS10AI score0.0095EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/06/29 4:29 p.m.•12 views

CVE-2020-14072

An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts...

9.6AI score0.01449EPSS

Exploits0References2

CVE•added 2020/06/29 4:28 p.m.•48 views

CVE-2020-14071

The CVE-2020-14071 entry relates to MK-AUTH 19.01, where cross-site scripting (XSS) in both admin and client scripts allows an attacker to execute arbitrary JavaScript. The available connected documents confirm the affected product/version and the nature of the vulnerability but do not provide ex...

6.1CVSS6.3AI score0.00421EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/06/29 4:28 p.m.•13 views

CVE-2020-14071

An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an attacker to execute arbitrary JavaScript code...

6.4AI score0.00421EPSS

Exploits0References2

Cvelist•added 2020/06/29 4:24 p.m.•13 views

CVE-2020-14068

An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executarlogin.php...

10AI score0.0095EPSS

Exploits0References2

Cvelist•added 2019/03/01 10:0 p.m.•9 views

CVE-2019-9547

In Storage Performance Development Kit SPDK before 19.01, a malicious vhost client i.e., virtual machine could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly detect such chains...

5.2AI score0.00305EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by