CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Positive Technologies•added 2026/05/25 12:0 a.m.•13 views

PT-2026-43030

A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulation of the argument image causes unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00333EPSS

Exploits0References5

RedhatCVE•added 2026/04/07 10:51 a.m.•2 views

CVE-2026-5647

A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/adminfeature.php of the component Add Product Page. The manipulation of the argument productname results in cross site scripting. The attack may be launched remotely. The exploit i...

4.8CVSS4.4AI score0.00206EPSS

Exploits0References1

NVD•added 2026/04/06 11:17 a.m.•1 views

CVE-2026-5647

4.8CVSS0.00206EPSS

Exploits0References5

ATTACKERKB•added 2026/04/06 10:45 a.m.•2 views

CVE-2026-5647

4.8CVSS4.4AI score0.00206EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/04/06 12:0 a.m.•2 views

PT-2026-30597

A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/admin feature.php of the component Add Product Page. The manipulation of the argument product name results in cross site scripting. The attack may be launched remotely. The exploit...

4.8CVSS4.4AI score0.00206EPSS

Exploits0References6

NVD•added 2025/11/20 12:15 a.m.•2 views

CVE-2025-13424

A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/addproduct.php. The manipulation of the argument txtProductName leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to...

9.8CVSS0.00333EPSS

Exploits1References5

EUVD•added 2025/10/27 6:31 p.m.•5 views

EUVD-2025-36200

A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?addproduct of the component Add Product Page. The manipulation results in unrestricted upload. The attack may be performed from remote...

5.8CVSS4.5AI score0.00252EPSS

Exploits0References5

NVD•added 2025/10/27 4:15 p.m.•8 views

CVE-2025-12291

5.8CVSS0.00252EPSS

Exploits0References4

Cvelist•added 2025/10/27 3:32 p.m.•8 views

CVE-2025-12291 ashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted upload

5.8CVSS0.00252EPSS

Exploits0References4

Positive Technologies•added 2025/10/27 12:0 a.m.•4 views

PT-2025-43975

Name of the Vulnerable Software and Affected Versions ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System versions up to 1.1.0 Description A flaw exists in the Add Product Page component of the software, specifically affecting the file /admin/index.php?add product. This allows for...

5.8CVSS6AI score0.00252EPSS

Exploits0References8

NVD•added 2025/08/09 7:15 a.m.•7 views

CVE-2025-8750

A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Affected by this vulnerability is the function Upload of the file /minio/upload of the component Add Product Page. The manipulation of the argument File leads to cross site scripting. The attack can be...

5.4CVSS0.00254EPSS

Exploits1References5

Cvelist•added 2025/08/09 7:2 a.m.•10 views

CVE-2025-8750 macrozheng mall Add Product Page upload cross site scripting

4.8CVSS0.00254EPSS

Exploits1References5

Vulnrichment•added 2025/08/09 7:2 a.m.•3 views

CVE-2025-8750 macrozheng mall Add Product Page upload cross site scripting

4.8CVSS6.3AI score0.00254EPSS

Exploits1References5

CVE•added 2025/08/09 7:2 a.m.•19 views

CVE-2025-8750

CVE-2025-8750 affects macrozheng mall

5.4CVSS6.3AI score0.00254EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2025/08/09 12:0 a.m.•4 views

PT-2025-32431 · Minio +1 · Minio +1

Name of the Vulnerable Software and Affected Versions: macrozheng mall versions up to 1.0.3 Description: A vulnerability exists in the Upload function of the /minio/upload file within the Add Product Page component. Manipulation of the File argument can lead to cross-site scripting XSS. This issu...

4.8CVSS3.2AI score0.00254EPSS

Exploits1References10

CNVD•added 2025/06/11 12:0 a.m.•2 views

Dairy Farm Shop Management System /add-product.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement for the parameter productname in the file...

9.8CVSS7.9AI score0.00534EPSS

Exploits1References1

CNNVD•added 2025/06/04 12:0 a.m.•2 views

PHPGurukul Dairy Farm Shop Management System 安全漏洞

9.8CVSS8.1AI score0.00534EPSS

Exploits1References5

CNVD•added 2024/09/25 12:0 a.m.•2 views

Dairy Farm Shop Management System Cross-Site Scripting Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the pname parameter of the...

5.9CVSS6.2AI score0.00219EPSS

Exploits1References1

OSV•added 2024/09/23 1:15 p.m.•4 views

CVE-2024-46241

PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting XSS via the pname parameter in addproduct.php and editproduct.php...

5.9CVSS5.8AI score0.00219EPSS

Exploits1References1

CNNVD•added 2024/09/23 12:0 a.m.•2 views

PHPGurukul Dairy Farm Shop Management System 安全漏洞

5.9CVSS6.2AI score0.00219EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by