CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

151 matches found

CVE-2026-0856

Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+3230...

7.8CVSS5.5AI score0.00013EPSS

Exploits0References1

Cvelist•added 2026/05/20 10:38 a.m.•33 views

CVE-2026-0856

7.8CVSS0.00013EPSS

Exploits0References1

Vulnrichment•added 2026/05/20 10:38 a.m.•9 views

CVE-2026-0856

7.8CVSS5.8AI score0.00013EPSS

Exploits0References1

Vulnrichment•added 2026/04/23 1:44 p.m.•0 views

CVE-2026-41460 SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall

SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...

9.8CVSS6.5AI score0.00525EPSS

Exploits2References3

EUVD•added 2026/04/01 3:31 a.m.•1 views

EUVD-2026-17743

XenForo before 2.3.9 and before 2.2.18 allows remote code execution RCE by authenticated, but malicious, admin users. An attacker with admin panel access can execute arbitrary code on the server...

8.7CVSS6.7AI score0.00159EPSS

Exploits0References3

NVD•added 2026/03/12 4:16 p.m.•2 views

CVE-2019-25515

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

9.8CVSS0.00991EPSS

Exploits1References2

GithubExploit•added 2026/02/06 9:30 p.m.•173 views

Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

ButtF - Backend Misconfiguration & Logic Flaw Exploitation Too...

10CVSS5.7AI score0.94428EPSS

Exploits432

OSV•added 2026/01/13 4:16 p.m.•1 views

CVE-2026-0407

An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel...

8CVSS5.8AI score

Exploits0References5

RedhatCVE•added 2026/01/09 11:27 a.m.•6 views

CVE-2021-33470

COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel...

9.8CVSS8.1AI score0.02525EPSS

Exploits3References1

RedhatCVE•added 2026/01/09 10:51 a.m.•5 views

CVE-2022-42176

In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access...

7.8CVSS6.9AI score0.00122EPSS

Exploits2References1

Cvelist•added 2026/01/09 12:0 a.m.•17 views

CVE-2025-67070

A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unauthenticated attacker to bypass the multi-factor authentication MFA mechanism during the password recovery process. This results in the ability to change the admin password and gain full access to th...

0.00053EPSS

Exploits0References1

CNNVD•added 2025/12/22 12:0 a.m.•4 views

PluXml 安全漏洞

PluXml is a free open source content management system from PluXml Open Source that does not require a database to work. A security vulnerability exists in PluXml version 5.8.22, which originates from an attacker with administrator panel access who can inject a malicious PHP webshell into theme...

6.5CVSS7.6AI score0.00179EPSS

Exploits2References3

RedhatCVE•added 2025/11/13 1:0 a.m.•4 views

CVE-2025-64281

An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...

9.8CVSS6.9AI score0.00099EPSS

Exploits0References1

EUVD•added 2025/11/12 6:31 p.m.•1 views

EUVD-2025-131926

An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...

6.4AI score0.00099EPSS

Exploits0References3

CNNVD•added 2025/11/12 12:0 a.m.•1 views

CentralSquare Community Development 安全漏洞

CentralSquare Community Development is a public affairs department software system for local governments from CentralSquare USA. A security vulnerability exists in CentralSquare Community Development version 19.5.7, which stems from an authentication bypass that could result in unauthorized acces...

9.8CVSS6.4AI score0.00099EPSS

Exploits0References3

CVE•added 2025/11/12 12:0 a.m.•8 views

CVE-2025-64281

CVE-2025-64281 describes an authentication bypass in CentralSquare Community Development version 19.5.7 that allows attackers to access the admin panel without admin credentials. The connected sources confirm the affected product and version, the issue is labeled as a high-impact vulnerability (C...

9.8CVSS6.5AI score0.00099EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/10/31 12:0 a.m.•1 views

CVE-2025-29270

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device...

6.7AI score0.00067EPSS

Exploits0References1

Positive Technologies•added 2025/10/31 12:0 a.m.•3 views

PT-2025-44641

Name of the Vulnerable Software and Affected Versions Deep Sea Electronics DSE855 versions 1.1.0 through 1.1.26 Description A flaw exists in access control within the realtime.cgi endpoint of Deep Sea Electronics devices. This allows attackers to access the admin panel and gain complete control o...

10CVSS6.6AI score0.00067EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-7098

Malware in sbrugna...

4.8CVSS5.1AI score0.00185EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-6760

Malware in sbrugna...

9.8CVSS9.5AI score0.00345EPSS

Exploits0References2