CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result i...

6.1CVSS6.3AI score0.00301EPSS

Exploits1References2

RubySec•added 2025/08/20 12:0 a.m.•5 views

Spree Commerce is vulnerable to RCE through Search API

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the searchinstanceeval parameter, which is dynamically invoked using Ruby’s send method. Thi...

9.8CVSS7.5AI score0.68643EPSS

Exploits1References1

Positive Technologies•added 2025/07/12 12:0 a.m.•1 views

PT-2025-29325 · Code Projects · Job Diary

Name of the Vulnerable Software and Affected Versions: code-projects Job Diary version 1.0 Description: A critical issue exists in code-projects Job Diary 1.0, affecting an unknown functionality within the /search.php file. The Search argument is susceptible to SQL injection, allowing for remote...

9.8CVSS7.2AI score0.00277EPSS

Exploits1References10

Positive Technologies•added 2025/07/08 12:0 a.m.•3 views

PT-2025-28291 · Sap · Sap Data Services Management Console

Name of the Vulnerable Software and Affected Versions: SAP Data Services Management Console affected versions not specified Description: The issue is related to a Cross-Site Scripting vulnerability in the search functionality associated with DQ job status reports. An authenticated attacker could...

5.4CVSS5.5AI score0.00123EPSS

Exploits0References5

Positive Technologies•added 2025/06/24 12:0 a.m.•3 views

PT-2025-26755 · Unknown · Phpgurukul Hospital Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: A critical issue has been found in the PHPGurukul Hospital Management System, affecting some unknown functionality of the file /doctor/search.php. The manipulation of the searchda...

8.8CVSS6.7AI score0.00197EPSS

Exploits1References9

CVE•added 2025/06/02 3:58 p.m.•42 views

CVE-2025-48941

CVE-2025-48941 (MyBB) : Affected software: MyBB versions prior to 1.8.39. Issue: the internal search does not properly validate thread visibility, allowing a user with search access to infer the existence of hidden threads (draft, unapproved, or soft-deleted) by title. The visible flag (mybb_thre...

5.3CVSS5.3AI score0.00281EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by