CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

298 matches found

CNNVD•added 2026/04/14 12:0 a.m.•6 views

school-management-system 安全漏洞

School-Management-System is a school management system developed by Shubham Kumar, an individual developer. This system is designed for schools or small institutions. Version 1.0 of School-Management-System contains a security vulnerability. This vulnerability stems from improper handling of the...

6.1CVSS5.6AI score0.00181EPSS

Exploits1References1

RedhatCVE•added 2026/03/27 2:25 p.m.•10 views

CVE-2021-27371

The Contact page in Monica 2.19.1 allows stored XSS via the Description field...

5.4CVSS5.6AI score0.00592EPSS

Exploits1References1

RedhatCVE•added 2026/03/27 2:24 p.m.•8 views

CVE-2021-27559

The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field...

5.4CVSS5.6AI score0.00592EPSS

Exploits1References1

EUVD•added 2025/12/08 6:30 p.m.•5 views

EUVD-2025-201729

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

7.5CVSS6.4AI score0.00326EPSS

Exploits1References6

NVD•added 2025/11/03 4:15 p.m.•5 views

CVE-2025-63453

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php...

9.8CVSS0.00432EPSS

Exploits1References1

Vulnrichment•added 2025/11/03 12:0 a.m.•4 views

CVE-2025-63453

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php...

7.6AI score0.00432EPSS

Exploits1References1

RedhatCVE•added 2025/10/20 10:30 p.m.•8 views

CVE-2025-11946

A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...

5.4CVSS3.7AI score0.00329EPSS

Exploits1References1

EUVD•added 2025/10/20 12:30 a.m.•5 views

EUVD-2025-35010

5.1CVSS5.1AI score0.00329EPSS

Exploits1References6

NVD•added 2025/10/19 10:15 p.m.•6 views

CVE-2025-11946

5.4CVSS0.00329EPSS

Exploits1References5

Cvelist•added 2025/10/19 9:32 p.m.•13 views

CVE-2025-11946 LogicalDOC Community Edition Add Contact frontend.jsp cross site scripting

5.1CVSS0.00329EPSS

Exploits1References5

CVE•added 2025/10/19 9:32 p.m.•16 views

CVE-2025-11946

CVE-2025-11946 affects LogicalDOC Community Edition up to 9.2.1. The issue stems from incorrect handling of parameters in /frontend.jsp (Add Contact Page), where manipulation of First Name/Last Name/Company/Address/Phone/Mobile can trigger cross-site scripting. Remote exploitation is possible, an...

5.4CVSS5.3AI score0.00329EPSS

Exploits1References5Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-14310

Malware in sbrugna...

5.4CVSS5.5AI score0.00592EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-14126

Malware in sbrugna...

5.4CVSS5.5AI score0.00592EPSS

Exploits1References3