
2970 matches found

Cvelist
added 2025/12/17 11:32 p.m. | 24 views

CVE-2025-14837 ZZCMS Backend Website Settings siteconfig.php stripfxg code injection

A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of the argument icp leads to code injection. The attack can be executed remotely. The exploit has bee...

CVSS: 5.8 | EPSS: 0.00047
Exploits: 1 | References: 4

Positive Technologies
added 2025/12/17 12:0 a.m. | 4 views

PT-2025-51982

Name of the Vulnerable Software and Affected Versions ZZCMS version 2025 Description A code injection issue exists in ZZCMS 2025, specifically within the Backend Website Settings Module. The stripfxg function in the /admin/siteconfig.php file is affected. Manipulation of the icp argument can lead...

CVSS: 7.2 | AI score: 5 | EPSS: 0.00047
Exploits: 1 | References: 10

RedhatCVE
added 2025/12/16 11:55 p.m. | 5 views

CVE-2025-14729

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVSS: 7.2 | AI score: 6.8 | EPSS: 0.00044
Exploits: 1 | References: 1

RedhatCVE
added 2025/12/16 11:55 p.m. | 2 views

CVE-2025-14730

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVSS: 7.2 | AI score: 7 | EPSS: 0.0004
Exploits: 1 | References: 1

EUVD
added 2025/12/16 12:30 a.m. | 3 views

EUVD-2025-203470

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVSS: 5.8 | AI score: 6.5 | EPSS: 0.0004
Exploits: 1 | References: 5

VulnCheck KEV
added 2025/12/16 12:0 a.m. | 6 views

VulnCheck KEV: CVE-2021-34427

In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote current BIRT viewer dir to inject JSP code into the running instance...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.66747
In wild | Exploits: 3 | References: 2

NVD
added 2025/12/15 11:15 p.m. | 3 views

CVE-2025-14730

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/CtConfig.php of the component Backend System Configuration Module. The manipulation of the argument CjAdd/CjEdit results in code injection. Th...

CVSS: 7.2 | EPSS: 0.0004
Exploits: 1 | References: 4

OSV
added 2025/12/15 11:15 p.m. | 2 views

CVE-2025-14729

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/CtApp.php of the component Backend App Configuration Module. The manipulation of the argument CTAppPaytype leads to code injection. Remote exploitation ...

CVSS: 7.2 | AI score: 5.5 | EPSS: 0.00044
Exploits: 1 | References: 4

CVE
added 2025/12/15 11:2 p.m. | 6 views

CVE-2025-14729

CVE-2025-14729 affects CTCMS Content Management System up to version 2.1.2. The vulnerability resides in the Save function of /ctcms/libs/Ct_App.php, in the Backend App Configuration Module, where manipulating the CT_App_Paytype argument enables code injection. Remote exploitation is possible and...

CVSS: 7.2 | AI score: 6.7 | EPSS: 0.00044
Exploits: 1 | References: 4 | Affected Software: 1

NVD
added 2025/12/07 11:15 p.m. | 2 views

CVE-2025-14204

A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of the argument authorizationUrl leads to os command...

CVSS: 6.5 | EPSS: 0.00526
Exploits: 0 | References: 4

RedhatCVE
added 2025/12/04 6:17 p.m. | 23 views

CVE-2025-13792

A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote exploitation of the attack...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00055
Exploits: 0 | References: 1

RedhatCVE
added 2025/12/01 9:22 a.m. | 7 views

CVE-2025-13786

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.0004
Exploits: 1 | References: 1

EUVD
added 2025/11/30 6:30 p.m. | 2 views

EUVD-2025-199935

A security flaw has been discovered in Qualitor 8.20/8.24. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. T...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.00055
Exploits: 0 | References: 5

NVD
added 2025/11/30 4:15 p.m. | 1 view

CVE-2025-13792

A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote exploitation of the attack...

CVSS: 7.5 | EPSS: 0.00055
Exploits: 0 | References: 6

ATTACKERKB
added 2025/11/30 4:2 p.m. | 0 views

CVE-2025-13792

A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote exploitation of the attack...

CVSS: 7.5 | AI score: 5.1 | EPSS: 0.00055
Exploits: 0 | References: 6

OSV
added 2025/11/30 9:15 a.m. | 4 views

CVE-2025-13786

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...

CVSS: 9.8 | AI score: 5.6
Exploits: 0 | References: 5

NVD
added 2025/11/30 9:15 a.m. | 5 views

CVE-2025-13786

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...

CVSS: 9.8 | EPSS: 0.0004
Exploits: 1 | References: 5

Vulnrichment
added 2025/11/30 9:2 a.m. | 6 views

CVE-2025-13786 taosir WTCMS index.php fetch code injection

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.0004
Exploits: 1 | References: 5

Cvelist
added 2025/11/30 9:2 a.m. | 11 views

CVE-2025-13786 taosir WTCMS index.php fetch code injection

A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content results in code injection. It is possible to initiate the attack remotely. The exploit is now public...

CVSS: 7.5 | EPSS: 0.0004
Exploits: 1 | References: 5

Positive Technologies
added 2025/11/30 12:0 a.m. | 3 views

PT-2025-48395

Name of the Vulnerable Software and Affected Versions Qualitor versions prior to 8.20.105 and prior to 8.24.98 Description A security flaw exists in Qualitor that allows for code injection. The eval function within the file /html/st/stdeslocamento/request/getResumo.php is affected. Manipulation o...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.00055
Exploits: 0 | References: 13