CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

9.8CVSS5.7AI score

Exploits0References5

RedhatCVE•added 2025/10/06 6:14 a.m.•8 views

CVE-2025-58769

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS7AI score0.00092EPSS

Exploits0References1

CNNVD•added 2025/10/06 12:0 a.m.•2 views

IdeaCMS 命令注入漏洞

IdeaCMS is an open source shopping mall system by IdeaCMS. A command injection vulnerability exists in IdeaCMS 1.8 and earlier versions, which stems from incorrect manipulation of the parameter site name in the file app/common/logic/admin/Config.php, which could lead to a command injection attack...

7.2CVSS5.2AI score0.00588EPSS

Exploits1References4

Positive Technologies•added 2025/10/06 12:0 a.m.•3 views

PT-2025-40888

Name of the Vulnerable Software and Affected Versions IdeaCMS versions up to 1.8 Description A command injection issue exists in IdeaCMS. The issue is located in an unknown function within the app/common/logic/admin/Config.php file of the Website Name Handler component. Manipulation of the 网站名称...

7.2CVSS4.8AI score0.00588EPSS

Exploits1References8

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-17638

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00697EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-57514

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00148EPSS

Exploits2References1