CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/08/22 12:0 a.m.•2 views

CVE-2025-51092

8.6AI score0.00381EPSS

CNNVD•added 2025/08/22 12:0 a.m.•2 views

Secure LogIn and SignUp API in PHP 安全漏洞

Secure LogIn and SignUp API in PHP is a security interface software by Vishnu Sivadas Individual Developer. A security vulnerability exists in Secure LogIn and SignUp API in PHP, which stems from an insecure SQL query construct in DataBase.php that could lead to SQL injection...

9.8CVSS7.4AI score0.00381EPSS

CVE•added 2025/08/22 12:0 a.m.•21 views

CVE-2025-51092

The CVE-2025-51092 entry concerns the LogIn-SignUp project by VishnuSivadasVS. The underlying issue is SQL Injection due to unsafe SQL query construction in DataBase.php: logIn() and signUp() concatenate user input and unvalidated table names instead of using prepared statements. Although a prepa...

9.8CVSS8.3AI score0.00381EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/08/22 12:0 a.m.•3 views

PT-2025-34487 · Vishnusivadasvs · Login-Signup

Name of the Vulnerable Software and Affected Versions: LogIn-SignUp project by VishnuSivadasVS affected versions not specified Description: The LogIn-SignUp project is susceptible to SQL Injection due to the construction of SQL queries in the DataBase.php file. The logIn and signUp functions...

9.8CVSS8.3AI score0.00381EPSS

Exploits0References6

NVD•added 2025/08/21 6:15 p.m.•6 views

CVE-2025-52352

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-up option on the login page UI. However, the sign-up API endpoint remains publicly accessible and functional, allowing unauthenticated users to...

9.8CVSS0.00538EPSS

NVD•added 2025/08/21 2:15 p.m.•13 views

CVE-2025-9302

9.8CVSS0.00387EPSS

OSV•added 2025/08/21 2:15 p.m.•3 views

CVE-2025-9302

9.8CVSS5.8AI score0.00387EPSS

CVE•added 2025/08/21 2:2 p.m.•20 views

CVE-2025-9302

PHPGurukul User Management System 1.0 is affected by a SQL injection in signup.php via the emailid parameter. The vulnerability allows remote exploitation with a publicly available exploit, as confirmed by multiple connected sources (CNVD/PT-2025-34224/CNNVD-like reports). Root cause: lack of val...

9.8CVSS7.7AI score0.00387EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/08/21 2:2 p.m.•8 views

CVE-2025-9302 PHPGurukul User Management System signup.php sql injection

7.5CVSS7.7AI score0.00387EPSS

Cvelist•added 2025/08/21 2:2 p.m.•13 views

CVE-2025-9302 PHPGurukul User Management System signup.php sql injection

7.5CVSS0.00387EPSS

Positive Technologies•added 2025/08/21 12:0 a.m.•12 views

PT-2025-34224 · Unknown · Phpgurukul User Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul User Management System version 1.0 Description: A SQL injection issue exists in PHPGurukul User Management System version 1.0. The issue is located in the /signup.php file, where manipulation of the emailid parameter can lead to SQ...

9.8CVSS8.5AI score0.00387EPSS

Exploits1References10

CNNVD•added 2025/08/21 12:0 a.m.•3 views

PHPGurukul User Management System 安全漏洞

User Management System is a user management system. User Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter emailid of the signup.php file. An attacker can exploit this vulnerability to...

9.8CVSS8.1AI score0.00387EPSS

Exploits1References6

Cvelist•added 2025/08/21 12:0 a.m.•8 views

CVE-2025-52352

0.00538EPSS

Vulnrichment•added 2025/08/21 12:0 a.m.•4 views

CVE-2025-52352

7.4AI score0.00538EPSS

Positive Technologies•added 2025/08/21 12:0 a.m.•5 views

PT-2025-34270 · Unknown · Aikaan Iot Management Platform

Name of the Vulnerable Software and Affected Versions: Aikaan IoT management platform version 3.25.0325-5-g2e9c59796 Description: The Aikaan IoT management platform allows unauthenticated users to register accounts via APIs, even when user sign-up is disabled through the user interface. This...

9.8CVSS7.2AI score0.00538EPSS

Exploits0References6

NVD•added 2025/08/20 8:15 a.m.•5 views

CVE-2025-49391

Cross-Site Request Forgery CSRF vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Cross Site Request Forgery.This issue affects Sign-up Sheets: from n/a through = 2.3.3...

4.3CVSS0.00126EPSS

CVE•added 2025/08/20 8:3 a.m.•13 views

CVE-2025-49391

CVE-2025-49391 is a CSRF vulnerability affecting the WordPress Sign-up Sheets plugin, with affected versions listed as up to 2.3.3. The vulnerability is documented across NVD, Red Hat, Patchstack, CVE lists, and Wordfence, which notes the issue has been patched. No exploit details or specific vul...

4.3CVSS5.9AI score0.00126EPSS

CNVD•added 2025/08/20 12:0 a.m.•5 views

Online Shopping Portal Project signup.php File SQL Injection Vulnerability

Online Shopping Portal Project is an online shopping portal project. A SQL injection vulnerability exists in Online Shopping Portal Project, which originates from the lack of validation of externally entered SQL statements in the parameter emailid in the file /shopping/signup.php. An attacker can...

9.8CVSS8.3AI score0.00371EPSS