CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

850 matches found

EUVD•added 2025/10/08 2:2 p.m.•5 views

EUVD-2025-33160

A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User results in sql injection. The attack may be launched remotely. The exploit has been released to t...

7.5CVSS6.7AI score0.00379EPSS

Exploits1References6

CVE•added 2025/10/08 2:2 p.m.•12 views

CVE-2025-11477

Summary: CVE-2025-11477 affects SourceCodester Wedding Reservation Management System 1.0. The flaw occurs in /global.php where manipulation of the User parameter enables a SQL injection. The vulnerability can be exploited remotely and exploits have been released publicly. Multiple connected sourc...

9.8CVSS7.3AI score0.00379EPSS

Exploits1References5Affected Software1

OSV•added 2025/10/07 8:15 a.m.•3 views

CVE-2025-11357

A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit has been released to the...

8.8CVSS5.8AI score0.00299EPSS

Exploits1References5

CVE•added 2025/10/06 1:2 a.m.•13 views

CVE-2025-11313

Tipray Data Leakage Prevention System 1.0 has a SQL injection in findRolePage.do (findRolePage) caused by improper handling of the sort parameter. The flaw can be exploited remotely; exploit published. Vendor contact noted with no response. No remediation details are provided in the supplied docu...

9.8CVSS7.2AI score0.00452EPSS

Exploits1References4Affected Software1

Cvelist•added 2025/10/06 12:32 a.m.•10 views

CVE-2025-11312 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findModulePage.do findModulePage sql injection

A vulnerability was detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findModulePage of the file findModulePage.do. The manipulation of the argument sort results in sql injection. The attack can be launched remotely. The exploit is now public...

7.5CVSS0.00452EPSS

Exploits1References4

EUVD•added 2025/10/05 9:30 a.m.•6 views

EUVD-2025-32450

A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00299EPSS

Exploits0References5

RedhatCVE•added 2025/10/03 8:57 p.m.•11 views

CVE-2025-61605

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

9.4CVSS8.2AI score0.00388EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-30774

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00387EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30780

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00543EPSS

Exploits1References7