CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

Positive Technologies•added 2026/04/13 12:0 a.m.•1 views

PT-2026-32356

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/view service.php...

5.9AI score0.00033EPSS

Exploits1References2

RedhatCVE•added 2026/03/04 1:56 a.m.•5 views

CVE-2025-50188

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts: /plugin/vchamilo/views/syncparams.php and /plugin/vchamilo/ajax/service.php, which allows an...

7.2CVSS6AI score0.00107EPSS

Exploits1References1

Vulnrichment•added 2026/03/02 2:47 p.m.•4 views

CVE-2025-50188 Error-based SQL Injection in Chamilo LMS

7CVSS6AI score0.00107EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-30099

Malware in sbrugna...

8.8CVSS8.6AI score0.00177EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-30439

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00546EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 9:33 p.m.•6 views

CVE-2021-43509

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the id parameter in view-service.php...

9.8CVSS8.2AI score0.00546EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:43 p.m.•9 views

CVE-2020-9270

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php...

8.8CVSS7.1AI score0.00177EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:43 p.m.•5 views

CVE-2020-9271

ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php...

6.5CVSS6.9AI score0.00161EPSS

Exploits1References1

Prion•added 2024/01/29 1:15 a.m.•22 views

Path traversal

A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. Affected by this issue is the function delsndb of the file /application/index/controller/Service.php. The manipulation of the argument file leads to path traversal: '../filedir'. T...

4.8CVSS7AI score0.00111EPSS

Exploits0References3Affected Software1

CNNVD•added 2024/01/29 12:0 a.m.•4 views

Sichuan Yougou Technology KuERP Security Breach

Sichuan Yougou Technology KuERP is an e-commerce platform of Sichuan Yougou Technology, a Chinese company. A security vulnerability exists in Sichuan Yougou Technology KuERP version 1.0.4, which originates from a path traversal issue in the delsndb function in the file...

9.8CVSS6.8AI score0.00111EPSS

Exploits0References4

Positive Technologies•added 2023/05/09 12:0 a.m.•3 views

PT-2023-20380 · Sourcecodester · Sourcecodester Billing Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Billing Management System version 1.0 Description: A critical issue has been found in the SourceCodester Billing Management System, affecting an unknown functionality of the file ajax service.php of the component POST Parameter...

9.8CVSS7.6AI score0.00306EPSS

Exploits1References5

Veracode•added 2023/01/23 6:45 p.m.•17 views

Cross-Site Scripting (XSS)

pimcore/pimcore is vulnerable to Cross-Site-Scripting XSS. The vulnerability exists in the generateLayoutTreeFromArray function in Service.php because the title field is not validated which allows an attacker to inject and execute arbitrary scripts...

6.1CVSS6AI score0.00005EPSS

Exploits1References4Affected Software1

NVD•added 2022/04/08 9:15 p.m.•7 views

CVE-2022-26588

A Cross-Site Request Forgery CSRF in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI...

6.5CVSS0.00164EPSS

Exploits4References2