Lucene search

7 matches found

NVD
added 2026/05/21 6:16 p.m., 12 views

CVE-2026-48242

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in importmdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values...

CVSS 9.2, EPSS 0.00052
Exploits: 0, References: 3
EUVD
added 2026/03/23 8:28 p.m., 3 views

EUVD-2026-14516

MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL...

CVSS 9.3, AI score 5.8, EPSS 0.0014
Exploits: 0, References: 2
Cvelist
added 2025/12/07 5:32 p.m., 17 views

CVE-2025-14200 alokjaiswal Hotel-Management-services-using-MYSQL-and-php Request Pending usersub.php cross site scripting

A vulnerability has been found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected is an unknown function of the file /usersub.php of the component Request Pending Page. The manipulation leads to cross site scripting. It is possibl...

CVSS 5.1, EPSS 0.00024
Exploits: 0, References: 4
RedHat Linux
added 2024/03/05 6:22 p.m., 0 views

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2024)

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in...

CVSS 4.9, AI score 7, EPSS 0.00117
Exploits: 0, References: 5
Github Security Blog
added 2022/05/14 12:54 a.m., 4 views

Active Record component in Ruby on Rails has a data-type injection vulnerability

The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attack...

CVSS 6.4, AI score 7.3, EPSS 0.00483
Exploits: 2, References: 8, Affected Software: 1
CNVD
added 2020/05/13 12:0 a.m., 1 views

Heybbs has a universal password login vulnerability

HEYBBS is a micro-community program with a front end based on bootstrap+jq+css and a back end developed in php+mysql. Heybbs has a universal password login vulnerability that can be exploited by attackers to obtain sensitive database information...

AI score 6.9
Exploits: 0
CNVD
added 2019/09/26 12:0 a.m., 1 views

Directory Traversal Vulnerability in RGCMS

RuiGu information management system RGCMS is an open source building management system written in PHP on the Thinkphp5.1.+ framework, using a MYSQL database. RGCMS has a directory traversal vulnerability that can be exploited by an attacker to view the list of...

AI score 6.7
Exploits: 0