CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

CNNVD•added 2026/06/08 12:0 a.m.•7 views

SourceCodester Hospitals Patient Records Management System 跨站脚本漏洞

SourceCodester Hospitals Patient Records Management System is an open-source hospital medical record management system developed by SourceCodester. Version 1.0 of the SourceCodester Hospitals Patient Records Management System contains a cross-site scripting vulnerability. This vulnerability stems...

4.8CVSS4.2AI score0.00214EPSS

Exploits0References1

RedhatCVE•added 2026/06/06 6:43 p.m.•11 views

CVE-2026-11342

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS5.5AI score0.00263EPSS

Exploits0References1

NVD•added 2026/06/05 6:17 p.m.•9 views

CVE-2026-11342

7.5CVSS0.00263EPSS

Exploits0References6

Cvelist•added 2026/06/05 5:0 p.m.•28 views

CVE-2026-11342 code-projects Hotel and Tourism Reservation System details.php sql injection

7.5CVSS0.00263EPSS

Exploits0References6

ATTACKERKB•added 2026/06/05 5:0 p.m.•7 views

CVE-2026-11342

7.5CVSS7AI score0.00263EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/05 5:0 p.m.•8 views

EUVD-2026-34864

7.5CVSS7AI score0.00263EPSS

Exploits0References6

Positive Technologies•added 2026/06/05 12:0 a.m.•8 views

PT-2026-47007

7.5CVSS7AI score0.00263EPSS

Exploits0References7

CNNVD•added 2026/06/05 12:0 a.m.•7 views

Code-Projects Hotel and Tourism Reservation System SQL注入漏洞

Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System has a SQL injection vulnerability. This vulnerability arises from improper handling of the ro...

7.5CVSS7.5AI score0.00263EPSS

Exploits0References7

EUVD•added 2025/12/30 9:30 p.m.•5 views

EUVD-2025-205838

A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...

4.8AI score0.00261EPSS

Exploits1References3

Cvelist•added 2025/12/30 12:0 a.m.•23 views

CVE-2025-66824

0.00261EPSS

Exploits1References2

RedhatCVE•added 2025/10/23 9:9 p.m.•4 views

CVE-2025-62613

VDO.Ninja is a tool that brings remote video feeds into OBS or other studio software via WebRTC. From versions 28.0 to before 28.4, a reflected Cross-Site Scripting XSS vulnerability exists on examples/control.html through the room parameter, which is improperly sanitized before being rendered in...

6.9CVSS6AI score0.01099EPSS

Exploits0References1

NVD•added 2025/10/22 9:15 p.m.•2 views

CVE-2025-62613

6.9CVSS0.01099EPSS

Exploits0References3

CVE•added 2025/10/22 8:52 p.m.•23 views

CVE-2025-62613

VDO.Ninja (versions 28.0–28.3) is affected by a reflected XSS in examples/control.html via the room parameter. The issue arises from improper sanitization before rendering in the DOM, due to insufficient input validation/encoding. The vulnerability could allow script execution in the context of t...

6.9CVSS5.6AI score0.01099EPSS

Exploits0References3

Cvelist•added 2025/10/22 8:52 p.m.•8 views

CVE-2025-62613 VDO.Ninja Reflected XSS Vulnerability in control.html

6.9CVSS0.01099EPSS

Exploits0References3

EUVD•added 2025/10/22 8:52 p.m.•4 views

EUVD-2025-35631

6.9CVSS5.5AI score0.01099EPSS

Exploits0References3

Vulnrichment•added 2025/10/22 8:52 p.m.•1 views

CVE-2025-62613 VDO.Ninja Reflected XSS Vulnerability in control.html

6.9CVSS5.6AI score0.01099EPSS

Exploits0References3

OSV•added 2025/10/22 8:52 p.m.•3 views

CVE-2025-62613 VDO.Ninja Reflected XSS Vulnerability in control.html

6.9CVSS6AI score0.01099EPSS

Exploits0References5

Positive Technologies•added 2025/10/22 12:0 a.m.•4 views

PT-2025-43408

Name of the Vulnerable Software and Affected Versions VDO.Ninja versions 28.0 through 28.3 Description VDO.Ninja is a tool used to integrate remote video feeds into studio software via WebRTC. A reflected Cross-Site Scripting XSS issue exists in the examples/control.html file through the room...

6.9CVSS5.6AI score0.01099EPSS

Exploits0References10

CNNVD•added 2025/10/22 12:0 a.m.•4 views

vdo.ninja 跨站脚本漏洞

vdo.ninja is a remote video input tool by Steve Seguin, an individual developer. A cross-site scripting vulnerability exists in vdo.ninja versions 28.0 through prior to 28.4, which stems from improper cleanup of the room parameter in examples/control.html, which could lead to a reflective...

6.9CVSS6AI score0.01099EPSS

Exploits0References4

NVD•added 2025/10/08 12:15 p.m.•3 views

CVE-2025-11472

A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /editroom.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

9.8CVSS0.00431EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by