CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/05/06 3:31 a.m.•57 views

CVE-2025-4310

The CVE-2025-4310 entry affects itsourcecode Content Management System 1.0. The vulnerability lies in the /admin/add_topic.php?category=BBS endpoint where the Cover Image parameter can be manipulated to achieve unrestricted file uploads. This is caused by improper validation/handling of the Cover...

6.3CVSS5AI score0.0019EPSS

Vulnrichment•added 2025/05/06 3:31 a.m.•9 views

CVE-2025-4310 itsourcecode Content Management System add_topic.php unrestricted upload

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. This affects an unknown part of the file /admin/addtopic.php?category=BBS. The manipulation of the argument Cover Image leads to unrestricted upload. It is possible to initiate the attack remotely...

5.8CVSS4.9AI score0.0019EPSS

Cvelist•added 2025/05/06 3:31 a.m.•15 views

CVE-2025-4310 itsourcecode Content Management System add_topic.php unrestricted upload

5.8CVSS0.0019EPSS

NVD•added 2025/05/06 1:15 a.m.•14 views

CVE-2025-4301

A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. The attack can be launched remotely. The...

9.8CVSS0.00204EPSS

Vulnrichment•added 2025/05/06 12:31 a.m.•6 views

CVE-2025-4301 itsourcecode Content Management System search-notice.php sql injection

7.5CVSS7.4AI score0.00204EPSS

CVE•added 2025/05/06 12:31 a.m.•53 views

CVE-2025-4301

The CVE-2025-4301 entry affects itsourcecode Content Management System 1.0. Affected component: the file /search-notice.php. Root cause: manipulation of the searchdata parameter leads to SQL injection. Impact: remotely exploitable with potential unauthorized access or data exposure, as reflected ...

9.8CVSS7.6AI score0.00204EPSS

NVD•added 2025/05/06 12:15 a.m.•12 views

CVE-2025-4300

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /searchlist.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00204EPSS

OSV•added 2025/05/06 12:15 a.m.•0 views

CVE-2025-4300

9.8CVSS5.8AI score0.00204EPSS

Cvelist•added 2025/05/06 12:0 a.m.•16 views

CVE-2025-4300 itsourcecode Content Management System search_list.php sql injection

7.5CVSS0.00204EPSS

CVE•added 2025/05/06 12:0 a.m.•53 views

CVE-2025-4300

CVE-2025-4300 affects itsourcecode Content Management System 1.0. The vulnerability is a SQL injection in an unknown function within /search_list.php triggered by manipulating the Search parameter. It is exploitable remotely and multiple sources state the exploit has been publicly disclosed. Tech...

9.8CVSS7.4AI score0.00204EPSS

Positive Technologies•added 2025/05/06 12:0 a.m.•3 views

PT-2025-19829 · Unknown · Itsourcecode Content Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Content Management System version 1.0 Description: A critical issue has been discovered, affecting a part of the /admin/add topic.php?category=BBS file. The manipulation of the Cover Image argument leads to unrestricted upload...

6.3CVSS4.6AI score0.0019EPSS

Exploits1References10

9.8CVSS7.6AI score0.00204EPSS

itsourcecode Content Management System 安全漏洞

itsourcecode Content Management System is a content management system of itsourcecode open source. A security vulnerability exists in version 1.0 of itsourcecode Content Management System, which originates from improper manipulation of the parameter stopicid in the file...

5.1CVSS7.3AI score0.00076EPSS

Real Estate Management System 安全漏洞

Real Estate Management System is an open source real estate management system from Itsourcecode. A security vulnerability exists in Real Estate Management System version 1.0, which stems from improper handling of the parameter message in the file /contact.php, which may lead to SQL injection...

Exploits0References3

9.8CVSS7.8AI score0.00204EPSS

itsourcecode Gym Management System 注入漏洞

itsourcecode Gym Management System is an open source gym management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Gym Management System, which results from SQL injection due to incorrect manipulation of the parameter ID in the file /viewmember.php...

Exploits1References6

Positive Technologies•added 2025/05/06 12:0 a.m.•2 views

PT-2025-19830 · Unknown · Itsourcecode Content Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Content Management System version 1.0 Description: A critical issue was discovered in the itsourcecode Content Management System, affecting the /admin/update main topic img.php file. The manipulation of the topic id argument lead...

9.8CVSS7.7AI score0.00204EPSS

Exploits1References11

Positive Technologies•added 2025/05/06 12:0 a.m.•2 views

PT-2025-19948

Name of the Vulnerable Software and Affected Versions itsourcecode Gym Management System version 1.0 Description A critical vulnerability was found in the itsourcecode Gym Management System. The issue affects an unknown functionality of the file /ajax.php?action=delete member. The manipulation of...

9.8CVSS7.3AI score0.00204EPSS

Exploits1References12

6.3CVSS5AI score0.0019EPSS

itsourcecode Content Management System 安全漏洞

itsourcecode Content Management System is an open source content management system from itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Content Management System, which originates from an improper operation of the parameter Cover Image in the file /admin/addtopic.php,...