CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/01 12:0 a.m.•10 views

PT-2026-45665

A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /manage fee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS6.5AI score0.00319EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45427

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit topic.php. Such manipulation of the argument topic id leads to sql injection. The attack may be launched remotely. The exploit is publicly...

6.5CVSS5.8AI score0.00204EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45617

Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by injecting SQL code into the 'rib' parameter. Attackers can send POST requests to the agence-ajax.php endpoint with UNION-based SQL payloads to retrieve user information includi...

8.8CVSS5.9AI score0.00344EPSS

CNNVD•added 2026/06/01 12:0 a.m.•8 views

itsourcecode Online Blood Bank Management System SQL注入漏洞

itsourcecode Online Blood Bank Management System is an open-source online blood bank management system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from improper handling of the parameter ID in the file/admin/viewrequest.php, potentially...

7.5CVSS7.5AI score0.00269EPSS

Exploits0References6

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45260

Name of the Vulnerable Software and Affected Versions OTRS versions 7.0.x through 2026.3.x OTRS Community Edition version 6.0.x Description Improper input validation in the database layer module allows an unauthenticated SQL injection, which can lead to an authentication bypass. This enables...

9.1CVSS5.6AI score0.00299EPSS

Exploits1References8

CNNVD•added 2026/06/01 12:0 a.m.•8 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in OTRS versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X, as well as in the Community Edition 6.0.x version. These vulnerabilities stem from improper input validation ...

9.1CVSS5.6AI score0.00299EPSS

Exploits1References1

Positive Technologies•added 2026/06/01 12:0 a.m.•13 views

PT-2026-45405

A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /save comment.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and...

6.5CVSS5.7AI score0.00319EPSS

CNNVD•added 2026/06/01 12:0 a.m.•6 views

Code-Projects Hotel and Tourism Reservation System SQL注入漏洞

The Code-Projects Hotel and Tourism Reservation System is an open-source hotel and tourism reservation system developed by Code-Projects. Version 1.0 of the Code-Projects Hotel and Tourism Reservation System contains a SQL injection vulnerability. This vulnerability arises from an unknown functio...

7.5CVSS7.5AI score0.00318EPSS

Exploits0References6

CNNVD•added 2026/06/01 12:0 a.m.•7 views

itsourcecode Fees Management System SQL注入漏洞

itsourcecode Fees Management System is an open-source charging management system developed by itsourcecode. Version 1.0 of the itsourcecode Fees Management System has a SQL injection vulnerability. This vulnerability arises from incorrect operations with the parameter ID in the unknown portion of...

6.5CVSS6.6AI score0.00319EPSS

Exploits0References6

8.8CVSS5.7AI score0.00344EPSS

Pixa Bank SQL注入漏洞

Pixa Bank is an integrated AI visual creation workspace provided by Pixa Corporation. Version 2.0 of Pixa Bank has a SQL injection vulnerability. This vulnerability stems from the injection of SQL code using the rib parameter, which may allow unauthorized attackers to extract sensitive user...

Exploits0References3

7.1CVSS5.9AI score0.00301EPSS

Nextcloud SQL注入漏洞

Nextcloud is an open-source, self-hosted communication platform for file synchronization and sharing developed by the German company Nextcloud. Versions of Nextcloud from 0.9.0 to 0.9.7, as well as versions from 1.0.0 to 1.0.2, had a SQL injection vulnerability. This vulnerability stemmed from...

Exploits0References3

CNNVD•added 2026/06/01 12:0 a.m.•6 views

No-CMS SQL注入漏洞

No-CMS is a customizable content management framework developed by Go Frendi Gunawan. Version 1.0 of No-CMS has a SQL injection vulnerability. This vulnerability stems from the orderby parameter in the manageprivilege endpoint, which allows for SQL injection attacks. This could enable authenticat...

7.1CVSS5.7AI score0.00273EPSS

CNNVD•added 2026/06/01 12:0 a.m.•7 views

WordPress plugin WP AutoSuggest SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS6.2AI score0.00341EPSS

7.1CVSS6.1AI score0.00273EPSS

Paroiciel SQL注入漏洞

Paroiciel is an parish management information system developed by the French company Paroiciel. Version 11.20 of Paroiciel contains a SQL injection vulnerability. This vulnerability stems from the eGeqIdEquipe parameter, which allows for SQL injections. This could enable authenticated attackers t...