CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

NVD•added 2025/05/06 5:15 p.m.•10 views

CVE-2023-33770

Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php...

5.1CVSS0.00142EPSS

Exploits0References2

CVE•added 2025/05/06 12:0 a.m.•45 views

CVE-2023-33770

Real Estate Management System v1.0 contains a SQL injection vulnerability in the message parameter of /contact.php. Root cause: improper handling of user input in the message field leading to SQL injection. Impact per provided metrics: Confidentiality Low, Integrity Low, Availability None; attack...

5.1CVSS8.3AI score0.00142EPSS

Exploits0References2

Vulnrichment•added 2025/05/06 12:0 a.m.•7 views

CVE-2023-33770

Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php...

5.6AI score0.00142EPSS

Exploits0References2

Vulnrichment•added 2025/04/28 12:31 p.m.•8 views

CVE-2025-4020 PHPGurukul Old Age Home Management System contact.php sql injection

A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely. The exploit has...

7.5CVSS7.4AI score0.0011EPSS

Exploits1References5

Cvelist•added 2025/04/28 12:31 p.m.•20 views

CVE-2025-4020 PHPGurukul Old Age Home Management System contact.php sql injection

7.5CVSS0.0011EPSS

Exploits1References5

CVE•added 2025/04/28 12:31 p.m.•52 views

CVE-2025-4020

CVE-2025-4020 affects PHPGurukul Old Age Home Management System 1.0. The vulnerability is a SQL injection in the unknown functionality of /contact.php triggered by manipulating the fname parameter. It is exploitable remotely, with public exploit disclosure noted in the sources. Multiple CVSS vect...

9.8CVSS7.5AI score0.0011EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2025/04/28 12:0 a.m.•1 views

PT-2025-18067 · Unknown · Phpgurukul Old Age Home Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Old Age Home Management System version 1.0 Description: A critical issue affects an unknown functionality of the file /contact.php. The manipulation of the argument fname leads to SQL injection. The attack may be launched remotely...

9.8CVSS7.5AI score0.0011EPSS

Exploits1References12

CVE•added 2025/02/11 2:0 a.m.•59 views

CVE-2025-1168

CVE-2025-1168 affects SourceCodester Contact Manager with Export to VCF 1.0. The vulnerability resides in /endpoint/delete-contact.php where manipulating the contact argument leads to SQL injection. Impact is described as remote, with high confidentiality/integrity/availability implications in mu...

9.8CVSS6.8AI score0.00178EPSS

Exploits1References4Affected Software1

Cvelist•added 2025/02/11 2:0 a.m.•10 views

CVE-2025-1168 SourceCodester Contact Manager with Export to VCF delete-contact.php sql injection

A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php. The manipulation of the argument contact leads to sql injection. The attack can be initiated...

6.5CVSS0.00178EPSS

Exploits1References4

Vulnrichment•added 2025/02/11 2:0 a.m.•4 views

CVE-2025-1168 SourceCodester Contact Manager with Export to VCF delete-contact.php sql injection

6.5CVSS6.8AI score0.00178EPSS

Exploits1References4

Cvelist•added 2024/12/29 8:31 a.m.•16 views

CVE-2024-13007 Codezips Event Management System contact.php sql injection

A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

6.5CVSS0.00099EPSS

Exploits1References4

CVE•added 2024/12/29 8:31 a.m.•57 views

CVE-2024-13007

CVE-2024-13007 affects Codezips Event Management System 1.0, where an SQL injection can be triggered in the /contact.php file by manipulating the title argument. The vulnerability is network-exploitable and allows remote access with no user interaction required, as described in multiple sources. ...

9.8CVSS6.8AI score0.00099EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2024/12/29 8:31 a.m.•11 views

CVE-2024-13007 Codezips Event Management System contact.php sql injection

6.5CVSS7AI score0.00099EPSS

Exploits1References4

NVD•added 2024/01/10 3:15 a.m.•12 views

CVE-2024-0361

A vulnerability classified as critical has been found in PHPGurukul Hospital Management System 1.0. Affected is an unknown function of the file admin/contact.php. The manipulation of the argument mobnum leads to sql injection. The exploit has been disclosed to the public and may be used. The...

9.8CVSS7AI score0.00057EPSS

Exploits1References3

Vulnrichment•added 2024/01/10 2:0 a.m.•0 views

CVE-2024-0361 PHPGurukul Hospital Management System contact.php sql injection

5.5CVSS7.7AI score0.00057EPSS

Exploits1References3

Cvelist•added 2024/01/10 2:0 a.m.•12 views

CVE-2024-0361 PHPGurukul Hospital Management System contact.php sql injection

5.5CVSS10AI score0.00057EPSS

Exploits1References3

NVD•added 2023/07/07 4:15 p.m.•10 views

CVE-2023-3542

A vulnerability was found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument name/body leads to cross site scripting. The attack may be launched remotely. VDB-233294 is the...

6.1CVSS4.4AI score0.00078EPSS

Exploits0References2