21 matches found
EUVD-2021-28109
Malicious code in bioql PyPI...
EUVD-2022-47866
Malicious code in bioql PyPI...
EUVD-2025-14270
Malicious code in bioql PyPI...
CVE-2022-44937
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...
CVE-2025-4560 Netvision ISOinsight - Missing Authentication
The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access certain system functions. These functions include viewing the administrator list, viewing and editing IP settings, and uploading files...
CVE-2022-44849
A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...
Cross site request forgery (csrf)
A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...
PT-2022-27324 · Metinfo · Metinfo
Name of the Vulnerable Software and Affected Versions: MetInfo version 7.7 Description: A Cross-Site Request Forgery (CSRF) issue in the Administrator List allows attackers to arbitrarily add a Super Administrator account. This enables unauthorized access and control over the system. Recommendation...
CVE-2022-44849
MetInfo v7.7 contains a CSRF in the Administrator List that allows an attacker to arbitrarily add a Super Administrator account. Affected component: Administrator List (MetInfo 7.7). Root cause: CSRF-vulnerability enabling unauthorized privilege elevation. Impact per sources: high confidentiality...
CVE-2022-44849
A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...
CVE-2022-44937
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...
CVE-2022-44937
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...
Cross site request forgery (csrf)
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...
CVE-2022-44937
Bosscms v2.0.0 is affected by a Cross-Site Request Forgery (CSRF) in the Add function of the Administrator List module. The issue, documented across multiple sources, indicates that an unauthorized action could be performed by an authenticated user if CSRF protections are not enforced. The CVE is...
PT-2022-27338 · Bosscms · Bosscms
Name of the Vulnerable Software and Affected Versions: Bosscms version 2.0.0 Description: The issue is related to a Cross-Site Request Forgery (CSRF) that was discovered in Bosscms. This CSRF is specifically via the Add function under the Administrator List module. Recommendations: For Bosscms...
CVE-2022-44937
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...
CVE-2022-44937
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module...
BossCMS Cross-Site Request Forgery Vulnerability
Wenzhou Huoyin Information Technology BossCMS is a content management system based on MySQL architecture of self-developed PHP framework by Wenzhou Huoyin Information Technology. A security vulnerability exists in BossCMS v2.0.0, which was discovered through the add function under the administrat...
CVE-2021-40955
SQL injection exists in LaiKetui v3.5.0 the background administrator list...
CVE-2021-40955
CVE-2021-40955 describes an SQL injection in LaiKetui v3.5.0, specifically in the background administrator list. The vulnerability stems from how input is handled in that component, enabling partial to high impact across confidentiality, integrity, and availability per CVSS metrics (CVSS2 base 6....