CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

79 matches found

CVE-2026-26379

The vulnerability CVE-2026-26379 affects Koha v.25.11 and earlier. It exposes remote code execution via the Z39.50 configuration module. Documents confirm the affected software and the attack surface but do not provide root-cause details or explicit exploit steps. No remediation version is stated...

6.2AI score

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•3 views

SimplePHP 安全漏洞

SimplePHP is a lightweight CMS tool based on JSON files, developed by Martin personally. SimplePHP has a security vulnerability, which stems from the/admin/config-module.php component having a storage-based cross-site scripting vulnerability. This vulnerability can be exploited by injecting...

5.4CVSS5.6AI score0.00029EPSS

Exploits0References3

Fedora•added 2026/04/16 11:42 p.m.•3 views

[SECURITY] Fedora 44 Update: aurorae-6.6.4-1.fc44

Aurorae is a themeable window decoration for KWin. It supports theme files consisting of several SVG files for decoration and buttons. Themes can be installed and selected directly in the configuration module of KWin decorations. Please have a look at theme-description on how to write a theme fil...

5.8AI score

Exploits0

Cvelist•added 2026/03/10 11:7 a.m.•23 views

CVE-2026-3843 SQL Injection in Nefteprodukttekhnika BUK TS-G Allows Remote Code Execution

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability CWE-89 in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in...

9.8CVSS0.00187EPSS

Exploits0References2

CNNVD•added 2026/03/10 12:0 a.m.•2 views

Nefte Produkt Tekhnika BUK TS-G Gas Station Automation System 安全漏洞

Nefte Produkt Tekhnika BUK TS-G Gas Station Automation System is an automation system for gas station operations developed by the Russian company Nefte Produkt Tekhnika. Version 2.9.1 of the Nefte Produkt Tekhnika BUK TS-G Gas Station Automation System contains a security vulnerability. This...

9.8CVSS6.2AI score0.00187EPSS

Exploits0References3

ATTACKERKB•added 2026/02/02 5:55 p.m.•2 views

CVE-2026-22226

A command injection vulnerability may be exploited after the admin's authentication in the VPN server configuration module on the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of...

8.5CVSS5.7AI score0.0086EPSS

Exploits0References5

Positive Technologies•added 2026/02/02 12:0 a.m.•5 views

PT-2026-5690

8.5CVSS5.8AI score0.0086EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 11:28 a.m.•3 views

CVE-2021-33332

Cross-site scripting XSS vulnerability in the Portlet Configuration module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS5.9AI score0.00244EPSS

Exploits0References1

EUVD•added 2025/12/16 12:30 a.m.•2 views

EUVD-2025-203471

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

5.8CVSS6.5AI score0.00044EPSS

Exploits1References5

OSV•added 2025/12/15 11:15 p.m.•0 views

CVE-2025-14730

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

7.2CVSS5.6AI score0.0004EPSS

Exploits1References4

NVD•added 2025/12/15 11:15 p.m.•2 views

CVE-2025-14729

7.2CVSS0.00044EPSS

Exploits1References4

OSV•added 2025/12/15 11:15 p.m.•0 views

CVE-2025-14729

7.2CVSS5.5AI score0.00044EPSS

Exploits1References4

Cvelist•added 2025/12/15 11:2 p.m.•19 views

CVE-2025-14729 CTCMS Content Management System Backend App Configuration Ct_App.php save code injection

5.8CVSS0.00044EPSS

Exploits1References4

Positive Technologies•added 2025/12/15 12:0 a.m.•2 views

PT-2025-51319

Name of the Vulnerable Software and Affected Versions CTCMS Content Management System versions up to 2.1.2 Description A code injection issue exists in CTCMS Content Management System. The issue is located in the Save function within the /ctcms/libs/Ct App.php file of the Backend App Configuratio...

7.2CVSS5AI score0.00044EPSS

Exploits1References8

EUVD•added 2025/10/27 3:30 p.m.•3 views

EUVD-2025-36188

An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows authenticated network-adjacent attackers to upload crafted firmware, leading to arbitrary code execution...

8CVSS7.3AI score0.00013EPSS

Exploits0References3

NVD•added 2025/10/27 2:15 p.m.•2 views

CVE-2025-52263

8CVSS0.00013EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2020-16399

Malware in sbrugna...

5.4CVSS5.6AI score0.00206EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views