CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1434 matches found

Positive Technologies•added 2025/12/18 12:0 a.m.•4 views

PT-2025-52377

A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely. The exploit has be...

5.8CVSS7AI score0.00306EPSS

Exploits1References6

RedhatCVE•added 2025/11/18 1:5 p.m.•4 views

CVE-2025-13280

A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has bee...

9.8CVSS7.2AI score0.00336EPSS

Exploits1References1

EUVD•added 2025/11/17 3:30 p.m.•4 views

EUVD-2025-197791

A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Login. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.6AI score0.00336EPSS

Exploits1References6

OSV•added 2025/11/17 1:15 p.m.•0 views

CVE-2025-13280

9.8CVSS5.7AI score0.00336EPSS

Exploits1References5

NVD•added 2025/11/17 1:15 p.m.•1 views

CVE-2025-13280

9.8CVSS0.00336EPSS

Exploits1References5

CVE•added 2025/11/17 1:2 p.m.•6 views

CVE-2025-13280

CVE-2025-13280 affects CodeAstro Simple Inventory System 1.0, specifically the Login component’s /index.php where manipulating the Username parameter enables SQL injection. Multiple connected sources confirm the flaw is exploitable remotely and that exploits have been publicly disclosed. The vuln...

9.8CVSS7.2AI score0.00336EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/11/17 1:2 p.m.•2 views

CVE-2025-13280 CodeAstro Simple Inventory System Login index.php sql injection

7.5CVSS7.2AI score0.00336EPSS

Exploits1References5

Cvelist•added 2025/11/17 1:2 p.m.•7 views

CVE-2025-13280 CodeAstro Simple Inventory System Login index.php sql injection

7.5CVSS0.00336EPSS

Exploits1References5

CNNVD•added 2025/11/17 12:0 a.m.•1 views

CodeAstro Simple Inventory System SQL注入漏洞

CodeAstro Simple Inventory System is a simple inventory system from CodeAstro. CodeAstro Simple Inventory System version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter Username in the file /index.php of the component Login, which could lead ...

9.8CVSS7.8AI score0.00336EPSS

Exploits1References6

RedhatCVE•added 2025/11/15 6:42 p.m.•5 views

CVE-2025-13172

A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/view-member-report.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

8.8CVSS6.4AI score0.00249EPSS

Exploits0References1

OSV•added 2025/11/14 6:15 p.m.•2 views

CVE-2025-13172

8.8CVSS5.8AI score

Exploits0References5

NVD•added 2025/11/14 6:15 p.m.•4 views

CVE-2025-13172

8.8CVSS0.00249EPSS

Exploits0References5

Vulnrichment•added 2025/11/14 6:2 p.m.•3 views

CVE-2025-13172 CodeAstro Gym Management System view-member-report.php sql injection

6.5CVSS6.4AI score0.00249EPSS

Exploits0References5

CVE•added 2025/11/14 6:2 p.m.•6 views

CVE-2025-13172

CVE-2025-13172 affects CodeAstro Gym Management System 1.0. A SQL injection vulnerability exists in an unknown function of /admin/view-member-report.php triggered by manipulating the ID parameter. Exploitation is possible remotely, and public exploits have been released. NVD reports a high-severi...

8.8CVSS6.4AI score0.00249EPSS

Exploits0References5Affected Software1

EUVD•added 2025/11/14 6:2 p.m.•4 views

EUVD-2025-197639

A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/view-member-report.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

6.5CVSS6.5AI score0.00249EPSS

Exploits0References7

Positive Technologies•added 2025/11/14 12:0 a.m.•5 views

PT-2025-46990

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A security flaw exists in CodeAstro Gym Management System version 1.0. The issue involves a SQL injection impacting an unknown function within the /admin/view-member-report.php file...

6.5CVSS7.4AI score0.00249EPSS

Exploits0References8

RedhatCVE•added 2025/11/04 1:43 a.m.•4 views

CVE-2025-12610

A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and...

7.2CVSS5AI score0.00327EPSS

Exploits1References1

RedhatCVE•added 2025/11/04 1:43 a.m.•4 views

CVE-2025-12609

A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argument id/iniweight results in sql injection. The attack may be initiated remotely. The exploit has bee...

8.8CVSS5.1AI score0.00301EPSS

Exploits1References1

OSV•added 2025/11/03 2:15 a.m.•2 views

CVE-2025-12610

7.2CVSS5.8AI score0.00327EPSS

Exploits1References6

NVD•added 2025/11/03 2:15 a.m.•4 views

CVE-2025-12609

8.8CVSS0.00301EPSS

Exploits1References6

Rows per page