CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

OSV•added 2026/05/26 12:30 p.m.•2 views

SUSE-SU-2026:21850-1 Security update for cups

This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...

7.8CVSS6.5AI score0.00032EPSS

Exploits8References17

CBLMariner•added 2026/04/27 9:30 p.m.•1 views

CVE-2026-41079 affecting package cups for versions less than 2.4.18-1

CVE-2026-41079 affecting package cups for versions less than 2.4.18-1. An upgraded version of the package is available that resolves this issue...

5.4CVSS5.2AI score0.00016EPSS

Exploits1

Tenable Nessus•added 2025/08/21 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2015-8078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via...

7.5CVSS7.2AI score0.00814EPSS

Exploits1References2

NVD•added 2025/01/02 12:15 p.m.•4 views

CVE-2024-37491

Cross-Site Request Forgery CSRF vulnerability in apollo13themes Rife Free rife-free allows Cross Site Request Forgery.This issue affects Rife Free: from n/a through = 2.4.18...

4.3CVSS0.00212EPSS

Exploits0References1

CVE•added 2025/01/02 12:0 p.m.•41 views

CVE-2024-37491

The CVE-2024-37491 entry concerns a Cross-Site Request Forgery (CSRF) vulnerability in the Apollo13Themes Rife Free WordPress theme. Public records indicate Rife Free versions up to 2.4.18 are affected. The vulnerability is described as CSRF, but the connected documents do not provide exploit det...

4.3CVSS5.9AI score0.00212EPSS

Exploits0References1

CNNVD•added 2025/01/02 12:0 a.m.•2 views

WordPress plugin Rife Free 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

4.3CVSS6.6AI score0.00212EPSS

Exploits0References1

Patchstack•added 2024/07/04 12:0 a.m.•6 views

WordPress Rife Free Theme <= 2.4.18 is vulnerable to Cross Site Request Forgery (CSRF)

Software Rife Free Type Theme Vulnerable versions = 2.4.18 Fixed in 2.4.19 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37491 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4f4234705ec1 Credits Dhabaleshwar Das Require...

6.4AI score0.00212EPSS

Exploits0References2Affected Software1

OpenVAS•added 2023/03/08 12:0 a.m.•29 views

Debian: Security Advisory (DSA-1069-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS5.8AI score0.15369EPSS

Exploits8References3

0day.today•added 2020/07/20 12:0 a.m.•255 views

Daily Expense Tracker 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Daily Expense Tracker 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

0.3AI score

Exploits0

0day.today•added 2020/07/20 12:0 a.m.•258 views

Directory Management System (DMS) 1.0 SQL Injection Vulnerability

Directory Management System DMS version 1.0 suffers from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Directory Management System DMS 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 |...

Exploits0

0day.today•added 2020/07/20 12:0 a.m.•462 views

Employee Record Management System 1.1 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Employee Record Management SystemERMS 1.1 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.4AI score

Exploits0

Packet Storm•added 2020/07/20 12:0 a.m.•469 views

Daily Expense Tracker 1.0 SQL Injection

Exploit Title: Daily Expense Tracker 1.0 - Authentication Bypass Date: 2020-07-20 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/daily-expense-tracker-using-php-and-mysql/ Software Link:...

0.7AI score

Exploits0

0day.today•added 2020/07/14 12:0 a.m.•239 views

Teachers Record Management System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.4AI score

Exploits0

0day.today•added 2020/07/14 12:0 a.m.•217 views

Client Management System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Client Management System 1.0 - 'searchdata' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

0.2AI score

Exploits0

Exploit DB•added 2020/07/13 12:0 a.m.•219 views

Park Ticketing Management System 1.0 - 'viewid' SQL Injection

Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Date: 2020-07-13 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Software...

7.4AI score

Exploits0

0day.today•added 2020/07/13 12:0 a.m.•216 views

Park Ticketing Management System 1.0 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: Park Ticketing Management System 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.1AI score

Exploits0

Packet Storm•added 2020/07/13 12:0 a.m.•227 views

User Registration And Login And User Management System 2.1 SQL Injection

Exploit Title: User Registration & Login and User Management System With admin panel - Authentication Bypass Date: 2020-07-04 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.4AI score

Exploits0

0day.today•added 2020/07/13 12:0 a.m.•209 views

Small CRM 2.0 SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: Small CRM in PHP - 'id' SQL Injection Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/small-crm-php/ Software Link:...

Exploits0

Packet Storm•added 2020/07/12 12:0 a.m.•198 views

Responsive Online Blog 1.0 SQL Injection

Exploit Title: Responsive Online Blog 1.0 - 'single.php?id=' SQL Injection Date: 2020-07-03 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.4AI score

Exploits0

0day.today•added 2020/07/12 12:0 a.m.•167 views

Online DJ Booking Management System Project Report 1.0 SQL Injection / Code Execution Vulnerabilitie

Exploit for php platform in category web applications Exploit Title: Online DJ Booking Management System Project Report - RCE Through SQLi Authenticated User - admin Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by