CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

VulnCheck KEV•added 2026/05/04 12:0 a.m.•3 views

VulnCheck KEV: CVE-2025-64377

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CridioStudio ListingPro listingpro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through 2.9.10...

8.1CVSS5.8AI score0.0011EPSS

In wildExploits0References2

ATTACKERKB•added 2026/03/05 5:54 a.m.•3 views

CVE-2026-28122

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through = 2.9.8...

5.9AI score0.00045EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 8:33 a.m.•5 views

CVE-2024-39622

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CridioStudio ListingPro listingpro allows SQL Injection.This issue affects ListingPro: from n/a through = 2.9.4...

9.8CVSS5.9AI score0.00411EPSS

Exploits0References1

RedhatCVE•added 2025/12/19 7:32 a.m.•1 views

CVE-2025-64378

Missing Authorization vulnerability in CridioStudio ListingPro listingpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro: from n/a through 2.9.10...

7.1CVSS7AI score0.00038EPSS

Exploits0References1

EUVD•added 2025/12/18 9:30 a.m.•3 views

EUVD-2025-204094

6.5CVSS6.5AI score0.00041EPSS

Exploits0References2

RedhatCVE•added 2025/12/12 3:11 p.m.•1 views

CVE-2025-63047

5.3CVSS7AI score0.00038EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•1 views

CVE-2025-63049

Missing Authorization vulnerability in CridioStudio ListingPro Lead Form listingpro-lead-form allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ListingPro Lead Form: from n/a through = 1.0.7...

5.3CVSS0.00013EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-38127

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00572EPSS

Exploits0References1

Positive Technologies•added 2025/09/26 12:0 a.m.•1 views

PT-2025-39550

Name of the Vulnerable Software and Affected Versions CridioStudio ListingPro versions through 2.9.8 Description An authorization issue exists in CridioStudio ListingPro due to incorrectly configured access control security levels. This allows for exploitation of the system. Recommendations Updat...

5.4CVSS6.6AI score0.00056EPSS

Exploits0References3

RedhatCVE•added 2025/09/24 6:31 p.m.•1 views

CVE-2025-58667

Missing Authorization vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro Reviews: from n/a through 2.9.11...

5.4CVSS5.9AI score0.00056EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 8:40 a.m.•6 views

CVE-2024-38795

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CridioStudio ListingPro listingpro-plugin allows SQL Injection.This issue affects ListingPro: from n/a through = 2.9.4...

9.8CVSS5.9AI score0.00725EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 11:31 p.m.•6 views

CVE-2024-39623

Cross-Site Request Forgery CSRF vulnerability in CridioStudio ListingPro listingpro allows Authentication Bypass.This issue affects ListingPro: from n/a through = 2.9.4...

8.8CVSS5.9AI score0.00139EPSS

Exploits0References1

RedhatCVE•added 2025/02/04 11:14 p.m.•21 views

CVE-2024-39624

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in CridioStudio ListingPro listingpro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through = 2.9.4...

8.8CVSS5.9AI score0.01662EPSS

Exploits0References1

NVD•added 2025/01/02 1:15 p.m.•13 views

CVE-2024-39623

Cross-Site Request Forgery CSRF vulnerability in CridioStudio ListingPro listingpro allows Authentication Bypass.This issue affects ListingPro: from n/a through = 2.9.4...

8.8CVSS0.00139EPSS

Exploits0References1

Positive Technologies•added 2025/01/02 12:0 a.m.•2 views

PT-2025-2550 · Cridiostudio · Cridiostudio Listingpro

Name of the Vulnerable Software and Affected Versions: CridioStudio ListingPro versions n/a through 2.9.4 Description: A Cross-Site Request Forgery CSRF issue allows authentication bypass. This means an attacker can perform actions on behalf of a user without their knowledge or consent. The...

8.8CVSS7AI score0.00139EPSS

Exploits0References8

NVD•added 2024/08/29 3:15 p.m.•15 views

CVE-2024-38795

9.8CVSS0.00725EPSS

Exploits0References1

NVD•added 2024/08/29 3:15 p.m.•16 views

CVE-2024-39622

9.8CVSS0.00411EPSS

Exploits0References1

OSV•added 2024/08/29 3:15 p.m.•0 views

CVE-2024-39622

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CridioStudio ListingPro.This issue affects ListingPro: from n/a through 2.9.4...

9.8CVSS5.8AI score

Exploits0References1

NVD•added 2024/08/29 3:15 p.m.•19 views

CVE-2024-39620

8.8CVSS0.00572EPSS

Exploits0References1

CVE•added 2024/08/29 2:18 p.m.•47 views

CVE-2024-39622

CVE-2024-39622 is an unauthenticated SQL injection in the WordPress ListingPro theme (and ListingPro Plugin entries) affecting versions up to 2.9.4; root cause is improper neutralization of SQL elements. Patch status across sources shows a fix in 2.9.5 (ListingPro theme) and related updates; unpa...

9.8CVSS5.9AI score0.00411EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by