CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16073 matches found

Positive Technologies•added 2025/12/02 12:0 a.m.•3 views

PT-2025-48737

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site Scripting XSS in /product expiry/add-supplier.php via the Supplier Name field...

6.1CVSS6.2AI score0.00185EPSS

Exploits1References3

RedhatCVE•added 2025/11/25 7:7 a.m.•6 views

CVE-2025-13586

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirmpassword causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.2CVSS6.9AI score0.0028EPSS

Exploits1References1

RedhatCVE•added 2025/11/24 7:30 p.m.•6 views

CVE-2025-13565

A weakness has been identified in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the file /model/user/resetPassword.php. Executing manipulation can lead to weak password recovery. The attack may be performed from remote. The exploit has been made...

9.1CVSS6.7AI score0.00414EPSS

Exploits1References1

RedhatCVE•added 2025/11/24 6:34 p.m.•9 views

CVE-2025-13561

A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed a...

9.8CVSS7.3AI score0.00339EPSS

Exploits1References1

RedhatCVE•added 2025/11/24 6:34 p.m.•9 views

CVE-2025-13564

A security flaw has been discovered in SourceCodester Pre-School Management System 1.0. Impacted is the function removefile of the file app/controllers/FilehelperController.php. Performing manipulation of the argument filepath results in denial of service. The attack is possible to be carried out...

7.1CVSS6.7AI score0.00322EPSS

Exploits1References1

RedhatCVE•added 2025/11/24 5:24 p.m.•18 views

CVE-2025-13560

A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...

9.8CVSS7AI score0.00339EPSS

Exploits1References1

NVD•added 2025/11/24 7:16 a.m.•4 views

CVE-2025-13586

7.2CVSS0.0028EPSS

Exploits1References5

OSV•added 2025/11/24 7:16 a.m.•3 views

CVE-2025-13586

7.2CVSS5.8AI score0.0028EPSS

Exploits1References5

Cvelist•added 2025/11/24 6:2 a.m.•11 views

CVE-2025-13586 SourceCodester Online Student Clearance System changepassword.php sql injection

5.8CVSS0.0028EPSS

Exploits1References5

Vulnrichment•added 2025/11/24 6:2 a.m.•2 views

CVE-2025-13586 SourceCodester Online Student Clearance System changepassword.php sql injection

5.8CVSS4.9AI score0.0028EPSS

Exploits1References5

CVE•added 2025/11/24 6:2 a.m.•13 views

CVE-2025-13586

SourceCodester Online Student Clearance System 1.0 contains a SQL injection in /Admin/changepassword.php through the txtconfirm_password parameter. The vulnerability arises from improper handling of the input in that function, enabling remote exploitation; multiple sources note that an exploit ha...

7.2CVSS5.1AI score0.0028EPSS

Exploits1References5Affected Software1

CNNVD•added 2025/11/24 12:0 a.m.•3 views

SourceCodester Online Student Clearance System SQL注入漏洞

SourceCodester Online Student Clearance System is a SourceCodester open source online student management system. A SQL injection vulnerability exists in SourceCodester Online Student Clearance System version 1.0, which stems from incorrect manipulation of the parameter txtconfirmpassword in the...

7.2CVSS5.8AI score0.0028EPSS

Exploits1References6

Positive Technologies•added 2025/11/24 12:0 a.m.•6 views

PT-2025-47888

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirm password causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

5.8CVSS5.3AI score0.0028EPSS

Exploits1References6

EUVD•added 2025/11/23 9:30 p.m.•3 views

EUVD-2025-198583

5.5CVSS6.3AI score0.00322EPSS

Exploits1References6

NVD•added 2025/11/23 7:15 p.m.•3 views

CVE-2025-13564

7.1CVSS0.00322EPSS

Exploits1References5

OSV•added 2025/11/23 7:15 p.m.•1 views

CVE-2025-13564

7.1CVSS5.6AI score0.00322EPSS

Exploits1References5

Vulnrichment•added 2025/11/23 7:2 p.m.•2 views

CVE-2025-13565 SourceCodester Inventory Management System resetPassword.php password recovery

6.9CVSS6.3AI score0.00414EPSS

Exploits1References5

Cvelist•added 2025/11/23 7:2 p.m.•9 views

CVE-2025-13565 SourceCodester Inventory Management System resetPassword.php password recovery

6.9CVSS0.00414EPSS

Exploits1References5

CVE•added 2025/11/23 7:2 p.m.•10 views

CVE-2025-13565

CVE-2025-13565 affects SourceCodester Inventory Management System 1.0. The weakness is in /model/user/resetPassword.php, where manipulation of an unknown function can enable weak password recovery. The vulnerability is exploitable remotely and a public exploit exists. Impact is indicated as weak ...

9.1CVSS6.3AI score0.00414EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/11/23 6:32 p.m.•4 views

CVE-2025-13564 SourceCodester Pre-School Management System FilehelperController.php removefile denial of service

5.5CVSS6.5AI score0.00322EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by