CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

87 matches found

VulnCheck KEV•added 2026/04/26 12:0 a.m.•3 views

VulnCheck KEV: CVE-2023-3793

A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql...

9.8CVSS5.9AI score0.00056EPSS

In wildExploits0References6

NVD•added 2026/03/23 5:16 a.m.•0 views

CVE-2026-4572

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /viewproduct.php of the component HTTP POST Request Handler. Executing a manipulation of the argument searchtxt can lead to sql injection. The attack m...

6.5CVSS0.00035EPSS

Exploits1References5

CVE•added 2026/03/23 2:59 a.m.•3 views

CVE-2026-4569

CVE-2026-4569 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is a SQL injection in /view_category.php (HTTP POST Handler) via the searchtxt parameter. Exploitation is remote and publicly disclosed. Impact concerns data confidentiality and integrity; exploitation details ...

6.5CVSS6.5AI score0.00035EPSS

Exploits1References5Affected Software1

NVD•added 2026/02/07 5:16 a.m.•6 views

CVE-2026-2074

A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /xprogramcenter/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is...

6.5CVSS0.00081EPSS

Exploits1References5

Positive Technologies•added 2026/02/07 12:0 a.m.•4 views

PT-2026-6875

Name of the Vulnerable Software and Affected Versions O2OA versions prior to 9.0.0 Description A flaw exists in O2OA up to version 9.0.0 related to XML external entity reference. The issue is located within the HTTP POST Request Handler component, specifically in the file /x program...

6.5CVSS5.5AI score0.00081EPSS

Exploits1References7

NVD•added 2026/01/26 2:15 a.m.•2 views

CVE-2026-1413

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

9.8CVSS0.00063EPSS

Exploits0References4

OSV•added 2026/01/26 1:15 a.m.•1 views

CVE-2026-1412

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

9.8CVSS5.6AI score

Exploits0References4

Positive Technologies•added 2026/01/09 12:0 a.m.•5 views

PT-2026-1777

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.8 Description A flaw exists in the HTTP POST Request Handler component of the software, specifically in the processing of the /isomp-protocol/protocol/getHis file...

10CVSS9.2AI score0.00374EPSS

Exploits1References12

RedhatCVE•added 2026/01/07 9:14 a.m.•4 views

CVE-2024-2272

A vulnerability classified as critical was found in keerti1924 Online-Book-Store-Website 1.0. This vulnerability affects unknown code of the file /home.php of the component HTTP POST Request Handler. The manipulation of the argument productname leads to sql injection. The attack can be initiated...

9.8CVSS7.5AI score0.00064EPSS

Exploits0References1

Positive Technologies•added 2025/12/30 12:0 a.m.•2 views

PT-2025-53838

Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A security issue exists in the Tenda AC23 router. The formSetPPTPUserList function within the HTTP POST Request Handler component is susceptible to a buffer overflow when the argument list is...

9CVSS8.9AI score0.00264EPSS

Exploits1References13

RedhatCVE•added 2025/12/29 12:0 p.m.•1 views

CVE-2025-15133

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

8.8CVSS7AI score0.00166EPSS

Exploits1References1

RedhatCVE•added 2025/12/29 10:38 a.m.•1 views

CVE-2025-15132

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

8.8CVSS7AI score0.00166EPSS

Exploits1References1

RedhatCVE•added 2025/12/29 10:38 a.m.•1 views

CVE-2025-15131

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

8.8CVSS6.8AI score0.00166EPSS

Exploits1References1