CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A Blind SQL Injection issue was discovered in Sapplica Sentrifugo 3.2 via the index.php/holidaygroups/add id parameter because of the HolidaydatesController.php addAction function...

6.5CVSS8.2AI score0.00229EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:2 p.m.•4 views

CVE-2020-24271

A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an admin account through index.php?s=/admin/rbacuser/insert/navTabId/rbacuser/callbackType/closeCurrent, then post username==...

8.8CVSS7AI score0.00145EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:56 p.m.•5 views

CVE-2020-21806

SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php...

9.8CVSS8.2AI score0.00245EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:50 p.m.•6 views

CVE-2020-23833

Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request...

9.8CVSS9AI score0.06106EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:46 p.m.•4 views

CVE-2020-21653

Myucms v2.2.1 contains a server-side request forgery SSRF in the component \controller\index.php, which can be exploited via the sj method...

9.1CVSS7AI score0.00267EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:41 p.m.•6 views

CVE-2020-6637

openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php...

9.8CVSS7.7AI score0.69525EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:23 p.m.•5 views

CVE-2020-26051

College Management System Php 1.0 suffers from SQL injection vulnerabilities in the index.php page from POST parameters 'unametxt' and 'pwdtxt', which are not filtered before passing a SQL query...

9.8CVSS8.1AI score0.00494EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:20 p.m.•4 views

CVE-2020-23718

Cross site scripting XSS vulnerability in xujinliang zibbs 1.0, allows attackers to execute arbitrary code via the route parameter to index.php...

9.6CVSS6.4AI score0.00734EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:18 p.m.•7 views

CVE-2020-21649

Myucms v2.2.1 contains a server-side request forgery SSRF in the component \controller\index.php, which can be exploited via the sql method...

8.1CVSS7AI score0.00219EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:17 p.m.•6 views

CVE-2020-20124

Wuzhi CMS v4.1.0 contains a remote code execution RCE vulnerability in \attachment\admin\index.php...

8.8CVSS7.8AI score0.03146EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:17 p.m.•2 views

CVE-2020-19915

Cross Site Scripting XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php...

6.1CVSS6.5AI score0.00328EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:17 p.m.•5 views

CVE-2020-19264

A cross-site request forgery CSRF in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd...

6.5CVSS7AI score0.00116EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:16 p.m.•5 views

CVE-2020-18013

SQL Injextion vulnerability exists in Whatsns 4.0 via the ip parameter in index.php?adminbanned/add.htm...

9.8CVSS7.6AI score0.00513EPSS

Exploits1

RedhatCVE•added 2025/05/22 1:36 p.m.•4 views

CVE-2014-4850

SQL injection vulnerability in index.php in FoeCMS allows remote attackers to execute arbitrary SQL commands via the i parameter...

7.5CVSS8.8AI score0.00319EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:53 p.m.•3 views

CVE-2018-13010

WSTMall v1.9.1170316 has CSRF via the index.php?m=Admin=Users=edit URI to add a user account...

8.8CVSS7AI score0.00166EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:36 p.m.•5 views

CVE-2010-1541

Multiple cross-site scripting XSS vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 category and 2 listquantity parameters to index.php, and the 3 category parameter to your.order.php...

4.3CVSS6AI score0.00329EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by