CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting XSS in /admin/view-booking-detail.php and /admin/invoice-generating.php...

6.1CVSS6.3AI score0.00181EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 10:41 a.m.•6 views

CVE-2024-7048

In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileged user to access and overwrite files managed by a higher-privileged admin. By exploiting this...

6.3CVSS6.8AI score0.00137EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 8:42 a.m.•2 views

CVE-2024-36528

nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before have a Deserialization vulnerability which results in code execution via /admin/extensions/download.php and /admin/extensions/upload.php...

8.8CVSS7.4AI score0.00373EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 2:1 a.m.•4 views

CVE-2023-42321

Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...

8.8CVSS8.1AI score0.00846EPSS

Exploits0References1

OSV•added 2025/02/26 3:15 p.m.•1 views

CVE-2025-25813

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component adminfiles.php...

5.1CVSS6.3AI score0.00569EPSS

Exploits1References3

Vulnrichment•added 2025/02/26 12:0 a.m.•11 views

CVE-2025-25813

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component adminfiles.php...

8.6AI score0.00569EPSS

Exploits1References3

CVE•added 2025/02/26 12:0 a.m.•60 views

CVE-2025-25813

CVE-2025-25813 affects SeaCMS v13.3, with a remote code execution vulnerability in the admin_files.php component. Multiple connected sources corroborate an RCE in SeaCMS 13.3 via that component. The documents do not provide further technical details such as affected versions beyond v13.3, explici...

5.1CVSS8AI score0.00569EPSS

Exploits1References3Affected Software1

CNNVD•added 2025/02/26 12:0 a.m.•1 views

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v13.3, which stems from a remote code execution issue in the adminfiles.php component...

5.1CVSS8.1AI score0.00569EPSS

Exploits1References5

Cvelist•added 2024/10/10 1:22 a.m.•18 views

CVE-2024-7048 IDOR in open-webui/open-webui

6.3CVSS0.00137EPSS

Exploits1References1

OSV•added 2024/08/22 8:15 p.m.•0 views

CVE-2024-42599

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although adminfiles.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute...

8.8CVSS6.6AI score0.00396EPSS

Exploits1References2

CNNVD•added 2024/08/07 12:0 a.m.•1 views

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in the Kashipara Responsive School Management System version v3.2.0, which stems from an error in the /smsa/adminstudentregisterapproval.php file and the...

6.5CVSS6.8AI score0.00731EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by