CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

216431 matches found

Cvelist•added 2026/04/20 7:32 a.m.•31 views

CVE-2026-5963 Digiwin｜EasyFlow .NET - SQL Injection

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS0.00366EPSS

Exploits0References2

ATTACKERKB•added 2026/04/20 7:32 a.m.•5 views

CVE-2026-5963

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS6AI score0.00366EPSS

Exploits0References3Affected Software1

EUVD•added 2026/04/20 3:34 a.m.•5 views

EUVD-2026-23743

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS5.6AI score0.00259EPSS

Exploits0References5

NVD•added 2026/04/20 3:16 a.m.•8 views

CVE-2026-6595

7.5CVSS0.00259EPSS

Exploits0References4

Cvelist•added 2026/04/20 2:0 a.m.•29 views

CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection

7.5CVSS0.00259EPSS

Exploits0References4

ATTACKERKB•added 2026/04/20 2:0 a.m.•2 views

CVE-2026-6595

7.5CVSS6.8AI score0.00259EPSS

Exploits0References4

CVE•added 2026/04/20 2:0 a.m.•9 views

CVE-2026-6595

ProjectsAndPrograms School Management System, up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59, contains a vulnerability in buslocation.php (HTTP GET Parameter Handler). Manipulating the bus_id parameter causes an SQL injection, with remote attack possible and a publicly available exploit. The prod...

7.5CVSS6.8AI score0.00259EPSS

Exploits0References4

Vulnrichment•added 2026/04/20 2:0 a.m.•4 views

CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection

7.5CVSS6.8AI score0.00259EPSS

Exploits0References4

ATTACKERKB•added 2026/04/20 12:0 a.m.•3 views

CVE-2026-39111

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

7.5CVSS5.8AI score0.00294EPSS

Exploits0References4

Cvelist•added 2026/04/20 12:0 a.m.•22 views

CVE-2026-39109

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 within the username parameter of the login page index.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database...

0.00325EPSS

Exploits0References3

Positive Technologies•added 2026/04/20 12:0 a.m.•3 views

PT-2026-33750

A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view/ of the component Query Viewer Component. This manipulation of the argument custom causes sql injection. The attack can be initiated remotely. The exploit has been publish...

6.5CVSS6.3AI score0.00196EPSS

Exploits0References5

ATTACKERKB•added 2026/04/20 12:0 a.m.•4 views

CVE-2026-39110

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve...

8.2CVSS5.8AI score0.00295EPSS

Exploits0References4

Packet Storm•added 2026/04/20 12:0 a.m.•84 views

📄 OpenEMR 8.0.0.2 SQL Injection

This Metasploit auxiliary module targets a potential SQL injection vulnerability in OpenEMR version 8.0.0.2. ================================================================================================================================== | Title : OpenEMR 8.0.0.2 Exploitation Tool | | Author :...

8.8CVSS5.8AI score0.00473EPSS

Exploits3

Packet Storm•added 2026/04/20 12:0 a.m.•63 views

📄 openDCIM 25.01 SQL Injection

openDCIM version 25.01 remote SQL injection exploit that can be leveraged to execute arbitrary code. ================================================================================================================================== | Title : openDCIM 25.01 Python Exploit – Authenticated &...

6.1AI score

Exploits0

Positive Technologies•added 2026/04/20 12:0 a.m.•6 views

PT-2026-33725

Name of the Vulnerable Software and Affected Versions EasyFlow .NET affected versions not specified Description EasyFlow .NET developed by Digiwin contains a SQL Injection flaw. This allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database...

9.8CVSS6AI score0.00366EPSS

Exploits0References6

CVE•added 2026/04/20 12:0 a.m.•8 views

CVE-2026-39111

CVE-2026-39111 concerns an SQL injection vulnerability in the Apartment Visitors Management System V1.1. The flaw is triggered in the forgot-password.php page via the email parameter, allowing an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data. The conn...

7.5CVSS5.8AI score0.00294EPSS

Exploits0References3

Cvelist•added 2026/04/20 12:0 a.m.•31 views

CVE-2026-39110

0.00295EPSS

Exploits0References3

Positive Technologies•added 2026/04/20 12:0 a.m.•4 views

PT-2026-33690

7.5CVSS6.8AI score0.00259EPSS

Exploits0References5

Vulnrichment•added 2026/04/20 12:0 a.m.•2 views

CVE-2026-39111