CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

CVE-2026-6489

A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...

6.5CVSS6AI score0.00014EPSS

Exploits0References1

ATTACKERKB•added 2026/04/17 1:0 p.m.•0 views

CVE-2026-6489

6.5CVSS5.3AI score0.00014EPSS

Exploits0References4

Vulnrichment•added 2026/04/17 1:0 p.m.•1 views

CVE-2026-6489 QueryMine sms Background Management addteacher.php unrestricted upload

6.5CVSS6.1AI score0.00014EPSS

Exploits0References4

CVE•added 2026/04/17 1:0 p.m.•5 views

CVE-2026-6489

CVE-2026-6489 affects QueryMine sms (up to 7ab5a9ea196209611134525ffc18de25c57d9593) in the Background Management Page. The vulnerability arises from tampering the image argument in admin/addteacher.php, leading to unrestricted file upload. Exploitation can be executed remotely and a public explo...

6.5CVSS6.1AI score0.00014EPSS

Exploits0References4

Cvelist•added 2026/04/17 1:0 p.m.•27 views

CVE-2026-6489 QueryMine sms Background Management addteacher.php unrestricted upload

6.5CVSS0.00014EPSS

Exploits0References4

Positive Technologies•added 2026/04/17 12:0 a.m.•2 views

PT-2026-33450

Name of the Vulnerable Software and Affected Versions QueryMine sms affected versions not specified Description An unrestricted file upload flaw exists in the Background Management Page component. The issue occurs during the processing of the file 'admin/addteacher.php' when the image argument is...

6.5CVSS6.6AI score0.00014EPSS

Exploits0References7

RedhatCVE•added 2026/02/20 1:22 a.m.•5 views

CVE-2026-2670

A vulnerability was identified in Advantech WISE-6610 1.2.120251110. Affected is an unknown function of the file /cgi-bin/luci/admin/openvpnapply of the component Background Management. Such manipulation of the argument deletefile leads to os command injection. The attack can be executed remotely...

8.6CVSS5.4AI score0.00039EPSS

Exploits2References1

Vulnrichment•added 2026/02/18 9:2 p.m.•3 views

CVE-2026-2670 Advantech WISE-6610 Background Management openvpn_apply os command injection

8.6CVSS6.8AI score0.00039EPSS

Exploits2References5

CVE•added 2026/02/18 9:2 p.m.•14 views

CVE-2026-2670

Affected product/versions: Advantech WISE-6610 (1.2.1_20251110). Vulnerable component/file: /cgi-bin/luci/admin/openvpn_apply in the Background Management module. Root cause / condition: Manipulation of the argument delete_file enables an OS command injection. Impact: Remote execution possible wi...

8.6CVSS6.9AI score0.00039EPSS

Exploits2References5

Cvelist•added 2026/02/18 9:2 p.m.•19 views

CVE-2026-2670 Advantech WISE-6610 Background Management openvpn_apply os command injection

8.6CVSS0.00039EPSS

Exploits2References5

Positive Technologies•added 2026/02/18 12:0 a.m.•4 views

PT-2026-20509

Name of the Vulnerable Software and Affected Versions Advantech WISE-6610 version 1.2.1 20251110 Description A flaw exists in Advantech WISE-6610 that allows remote execution of operating system commands. This is due to improper handling of the delete file argument within an unknown function of t...

8.6CVSS7.2AI score0.00039EPSS

Exploits2References8

RedhatCVE•added 2026/01/07 9:15 a.m.•4 views

CVE-2024-2478

A vulnerability was found in BradWenqiang HR 2.0. It has been rated as critical. Affected by this issue is the function selectAll of the file /bishe/register of the component Background Management. The manipulation of the argument userName leads to sql injection. The attack may be launched...

9.8CVSS9.6AI score0.00052EPSS

Exploits1References1