CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1444 matches found

OSV•added 2025/11/24 6:15 a.m.•1 views

CVE-2025-13585

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

9.8CVSS5.8AI score0.0004EPSS

Exploits1References6

Cvelist•added 2025/11/24 5:32 a.m.•9 views

CVE-2025-13585 itsourcecode COVID Tracking System login.php sql injection

7.5CVSS0.0004EPSS

Exploits1References6

CVE•added 2025/11/24 5:32 a.m.•5 views

CVE-2025-13585

The CVE-2025-13585 affects itsourcecode COVID Tracking System 1.0. A flaw in /login.php allows manipulation of the code argument to trigger SQL injection. The issue is remotely exploitable and exploits are publicly available. Connected sources confirm the vulnerability details and that a fix vers...

9.8CVSS7.3AI score0.0004EPSS

Exploits1References6Affected Software1

OSV•added 2025/11/20 3:17 p.m.•0 views

CVE-2025-13449

A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

9.8CVSS5.6AI score

Exploits0References5

EUVD•added 2025/11/20 2:32 a.m.•2 views

EUVD-2025-198251

7.5CVSS6.4AI score0.00028EPSS

Exploits1References6

RedhatCVE•added 2025/11/18 1:51 p.m.•2 views

CVE-2025-13285

A vulnerability was identified in itsourcecode Online Voting System 1.0. The affected element is an unknown function of the file /login.php. Such manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used...

9.8CVSS7.1AI score0.0004EPSS

Exploits1References1

OSV•added 2025/11/17 7:16 p.m.•1 views

CVE-2024-44660

PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the fullname, emailid, and contactno parameters in login.php...

6.5CVSS5.8AI score0.00037EPSS

Exploits1References2

Positive Technologies•added 2025/11/17 12:0 a.m.•2 views

PT-2025-47197

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Shopping Portal version 2.0 Description The PHPGurukul Online Shopping Portal version 2.0 is susceptible to SQL Injection. This issue affects the login.php file and specifically involves the fullname, emailid, and contactno...

6.5CVSS7.6AI score0.00037EPSS

Exploits1References6

Cvelist•added 2025/11/16 3:32 a.m.•6 views

CVE-2025-13235 itsourcecode Inventory Management System login.php sql injection

A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument useremail can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly...

7.5CVSS0.00028EPSS

Exploits1References5

RedhatCVE•added 2025/10/12 1:28 p.m.•4 views

CVE-2025-11601

A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing manipulation of the argument Username results in sql injection. The attack can be initiated remotely. The exploit is now...

9.8CVSS7.5AI score0.00042EPSS

Exploits1References1

RedhatCVE•added 2025/10/09 2:4 a.m.•1 views

CVE-2025-11424

A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclos...

9.8CVSS7AI score0.00044EPSS

Exploits1References1

CVE•added 2025/10/08 5:2 a.m.•5 views

CVE-2025-11434

Summary: CVE-2025-11434 affects itsourcecode’s Student Transcript Processing System v1.0, with a SQL injection flaw in the /login.php file via the uname parameter. The issue can be exploited remotely and publicly available exploit code exists. Several sources corroborate the impact and exposure, ...

9.8CVSS7.2AI score0.00042EPSS

Exploits1References5Affected Software1

CNNVD•added 2025/10/08 12:0 a.m.•1 views

itsourcecode Student Transcript Processing System SQL注入漏洞

itsourcecode Student Transcript Processing System is itsourcecode open source a student transcript processing system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Student Transcript Processing System, which stems from an incorrect manipulation of the parameter uname in the...

9.8CVSS7.7AI score0.00042EPSS

Exploits1References5

CNNVD•added 2025/10/08 12:0 a.m.•2 views

code-projects Web-Based Inventory and POS System 安全漏洞

Code-Projects Web-Based Inventory and POS System is a web-based inventory and POS system from Code-Projects open source. A security vulnerability exists in version 1.0 of the code-projects Web-Based Inventory and POS System, which stems from an incorrect manipulation of the parameter emailid in t...

9.8CVSS7.7AI score0.00044EPSS

Exploits1References5

OSV•added 2025/10/07 2:15 p.m.•2 views

CVE-2025-11397

A security flaw has been discovered in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /login.php. Performing manipulation of the argument email results in sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.8AI score0.00042EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2007-5554

Malware in sbrugna...

7.5CVSS6.4AI score0.02682EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-16427

Malware in sbrugna...

9.8CVSS9.3AI score0.00578EPSS

Exploits1References2