21 matches found
CVE-2025-63585
OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...
Exploit for CVE-2025-63585
CVE-2025-63585 Blind Time-Based SQL Injection in /action/rtc...
CVE-2025-63585
OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...
CVE-2025-63585
OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...
PT-2025-45163
Name of the Vulnerable Software and Affected Versions: OSSN Open Source Social Network version 8.6. Description: OSSN Open Source Social Network version 8.6 has a SQL Injection issue in the /action/rtcomments/status API endpoint through the timestamp parameter. Recommendations: At the moment, there i...
EUVD-2025-37922
OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...
CVE-2025-63585
OSSN 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter. The vulnerability is a SQLi in the timestamp field that can lead to data disclosure/modification under certain DB permissions, with evidence of a time-based blind exploit demonstrated in public GitHu...
CVE-2025-63585
OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...
EUVD-2008-1498
Malware in sbrugna...
EUVD-2008-2776
Malware in sbrugna...
WordPress plugin WPForms Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripti...
CVE-2023-41932
Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict 'timestamp' query parameters in multiple endpoints, allowing attackers with to delete attacker-specified directories on the Jenkins controller file system as long as they contain a file called 'history.xml'...
Jenkins Plugin Job Configuration History Code Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
CVE-2022-40494
NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters...
NPS Authorization Issue Vulnerability
NPS is an open source, lightweight, high-performance, powerful intranet penetration proxy server from ehang-io. Versions of NPS before v0.26.10 have a security vulnerability that stems from an attacker being able to bypass authentication by constantly generating and sending authentication keys an...
AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
AlienVault Open Source SIEM OSSIM SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2012-0261
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action...
Deserialization of untrusted data
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action...
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote attackers to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde parameter in the PATHINFO to the...
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote attackers to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde parameter in the PATHINFO to the...