Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

Vulnrichment
Vulnrichmentadded 2026/01/12 2:39 p.m.5 views

CVE-2025-41006 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdemo/login.php’...

9.3CVSS7.7AI score0.00058EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/12 2:39 p.m.17 views

CVE-2025-41006 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdemo/login.php’...

9.3CVSS0.00058EPSS
Exploits0References1
CVE
CVEadded 2026/01/12 2:39 p.m.8 views

CVE-2025-41006

CVE-2025-41006 affects Imaster MEMS Events CRM with an SQL injection in the phone parameter of the /memsdemo/login.php API. Multiple sources confirm the vulnerability and describe it as allowing full database access without authentication. The issue is centered on the phone input, enabling arbitr...

9.3CVSS7.7AI score0.00058EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/12 2:35 p.m.4 views

CVE-2025-41005 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsdemo/exchangeoffers.php’...

8.7CVSS7.7AI score0.00058EPSS
Exploits0References1
EUVD
EUVDadded 2026/01/12 2:35 p.m.6 views

EUVD-2026-1933

Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsdemo/exchangeoffers.php’...

8.7CVSS7.6AI score0.00058EPSS
Exploits0References2
CVE
CVEadded 2026/01/12 2:35 p.m.5 views

CVE-2025-41005

CVE-2025-41005 affects Imaster’s MEMS Events CRM. The vulnerability is an SQL injection in the keyword parameter of the /memsdemo/exchange_offers.php endpoint, caused by unsafeguarded input handling in that API. Impact is high (potential for unauthorized data access/modification);CVSS v4.0 base s...

8.7CVSS7.7AI score0.00058EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/12 2:35 p.m.17 views

CVE-2025-41005 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsdemo/exchangeoffers.php’...

8.7CVSS0.00058EPSS
Exploits0References1
NVD
NVDadded 2026/01/12 2:16 p.m.2 views

CVE-2025-41004

Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter...

8.7CVSS0.00058EPSS
Exploits0References1
NVD
NVDadded 2026/01/12 2:16 p.m.2 views

CVE-2025-41003

Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...

5.1CVSS0.0009EPSS
Exploits0References1
CVE
CVEadded 2026/01/12 1:55 p.m.11 views

CVE-2025-41004

CVE-2025-41004 affects Imaster's Patient Records Management System with a SQL Injection vulnerability in the endpoint /projects/hospital/admin/complaints.php via the id parameter. The issue is consistently described across Red Hat, NVD, CVE lists, CNNVD, and other feeds, indicating a SQL injectio...

8.7CVSS7.6AI score0.00058EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/12 1:55 p.m.2 views

CVE-2025-41004 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter...

8.7CVSS7.6AI score0.00058EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/12 1:55 p.m.18 views

CVE-2025-41004 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter...

8.7CVSS0.00058EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/12 1:50 p.m.3 views

CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...

5.1CVSS5.8AI score0.0009EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/12 1:50 p.m.16 views

CVE-2025-41003 Multiple vulnerabilities in Imaster products Open configuration options

Imaster's Patient Record Management System contains a stored Cross-Site Scripting XSS vulnerability in the endpoint ‘/projects/hospital/admin/editpatient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the...

5.1CVSS0.0009EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/12 12:0 a.m.2 views

PT-2026-2265

Name of the Vulnerable Software and Affected Versions Imaster MEMS Events CRM affected versions not specified Description The software contains an SQL injection issue in the phone parameter of the '/memsdemo/login.php' API endpoint. This allows for full database access without authentication...

9.3CVSS7.5AI score0.00058EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/01/12 12:0 a.m.2 views

PT-2026-2263

Name of the Vulnerable Software and Affected Versions Imaster Patient Records Management System affected versions not specified Description The Imaster Patient Records Management System is susceptible to a SQL Injection issue. This flaw is present in the /projects/hospital/admin/complaints.php AP...

8.7CVSS7.2AI score0.00058EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/01/12 12:0 a.m.2 views

Imaster Patient Record Management System 跨站脚本漏洞

Imaster Patient Record Management System is a patient record management system by the individual developer Nzioka Victor. The Imaster Patient Record Management System suffers from a cross-site scripting vulnerability that stems from insufficient validation of the firstname parameter in the endpoi...

5.1CVSS6.4AI score0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:20 a.m.1 views

CVE-2021-22410

There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client...

5.4CVSS6.7AI score0.00141EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2021-9556

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00141EPSS
Exploits0References1
CNVD
CNVDadded 2021/11/26 12:0 a.m.25 views

Huawei iMaster NCE-Fabric Cross-Site Scripting Vulnerability

Huawei IMaster Nce-Fabric is a network automation and intelligence platform that integrates management, control, analysis, and artificial intelligence Ai functions from Huawei China.A security vulnerability exists in Huawei iMaster NCE-Fabric, which stems from a client-side module that fails to...

5.4CVSS2AI score0.00141EPSS
Exploits0References1
Rows per page
Query Builder