
10 matches found

RedhatCVE
added 2026/04/14 7:23 p.m. | 2 views

CVE-2026-36235

A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or validation...

CVSS 9.8 | AI score 5.8 | EPSS 0.00047
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:3 a.m. | 7 views

CVE-2023-36235

An issue in webkul qloapps before v1.6.0 allows an attacker to obtain sensitive information via the idorder parameter...

CVSS 6.5 | AI score 6.3 | EPSS 0.00075
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 7:57 p.m. | 7 views

CVE-2021-36235

An issue was discovered in Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security by leveraging an unspecified attack vector. As a result, the attacker can start applications with elevated privileges...

CVSS 7.8 | AI score 6.8 | EPSS 0.00303
Exploits: 0 | References: 1

Cvelist
added 2024/06/13 7:53 a.m. | 21 views

CVE-2024-36235 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires us...

CVSS 5.4 | EPSS 0.08859
Exploits: 0 | References: 1

Circl
added 2024/01/24 9:16 p.m. | 4 views

CVE-2023-36235

creationtimestamp | type | source
---|---|---
2024-01-24 21:16:27+00:00 | seen | https://t.me/ctinow/173087
2024-02-10 16:11:41+00:00 | seen | https://t.me/ctinow/182600
2025-06-10 16:31:53+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/17928...

CVSS 6.5 | AI score 6.3 | EPSS 0.00075
Exploits: 1 | References: 3

OSV
added 2024/01/17 3:15 a.m. | 9 views

CVE-2023-36235

An issue in webkul qloapps before v1.6.0 allows an attacker to obtain sensitive information via the idorder parameter...

CVSS 6.5 | AI score 6.5
Exploits: 0 | References: 3

CVE
added 2024/01/17 12:0 a.m. | 33 views

CVE-2023-36235

CVE-2023-36235 affects Webkul Qloapps prior to version 1.6.0, exposing sensitive information via the id_order parameter. The available connected document details indicate an information disclosure risk rooted in handling of the id_order input, enabling an attacker to obtain sensitive data. The v...

CVSS 6.5 | AI score 6.2 | EPSS 0.00075
Exploits: 1 | References: 3 | Affected Software: 1

CVE
added 2021/09/01 12:19 a.m. | 50 views

CVE-2021-36235

CVE-2021-36235 affects Ivanti Workspace Control before 10.6.30.0. A locally authenticated user with low privileges can bypass File and Folder Security via an unspecified attack vector, enabling the attacker to start applications with elevated privileges. The connected sources confirm the affected...

CVSS 7.8 | AI score 7.5 | EPSS 0.00303
Exploits: 0 | References: 1 | Affected Software: 1

Circl
added 2021/02/15 2:45 a.m. | 1 views

CVE-2020-36235

creationtimestamp | type | source
---|---|---
2021-02-15 02:45:55+00:00 | seen | https://t.me/cibsecurity/23580...

CVSS 5.3 | AI score 5.5 | EPSS 0.00503
Exploits: 0 | References: 1

CVE
added 2021/02/14 11:45 p.m. | 100 views

CVE-2020-36235

Vulnerability: Atlassian Jira Server/Data Center information disclosure via the mobile site view. Affected: before 8.13.2, and 8.14.0 before 8.14.1. Impact: unauthenticated remote attackers can view custom field and custom SLA names. Root cause: information disclosure in the mobile site view (spe...

CVSS 5.3 | AI score 5.1 | EPSS 0.00503
Exploits: 0 | References: 1 | Affected Software: 3