CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

ATTACKERKB•added 2026/04/05 1:45 a.m.•3 views

CVE-2026-5534

A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. T...

7.5CVSS5.8AI score0.00043EPSS

Exploits0References5Affected Software1

OSV•added 2026/02/05 12:16 p.m.•2 views

CVE-2026-23797

In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7...

4.9CVSS5.8AI score0.00065EPSS

Exploits0References2

EUVD•added 2026/02/05 11:7 a.m.•3 views

EUVD-2026-5551

6.9CVSS5.4AI score0.00065EPSS

Exploits0References2

Cvelist•added 2026/02/05 11:7 a.m.•24 views

CVE-2026-23797 Plaintext password display in Quick.Cart

6.9CVSS0.00039EPSS

Exploits0References2

Positive Technologies•added 2026/02/05 12:0 a.m.•4 views

PT-2026-6547

Name of the Vulnerable Software and Affected Versions Quick.Cart version 6.7 Quick.Cart affected versions not specified Description User passwords are stored in plaintext. An attacker with high privileges can view user passwords on the user editing page. The vendor was notified of this issue but...

6.9CVSS5.5AI score0.00065EPSS

Exploits0References7

RedhatCVE•added 2025/10/11 9:22 p.m.•1 views

CVE-2025-11585

A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

9.8CVSS6.9AI score0.00042EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-1843

Malware in sbrugna...

8.8CVSS8.8AI score0.00141EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-49384

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00436EPSS

Exploits1References1

RedhatCVE•added 2025/09/10 7:18 p.m.•3 views

CVE-2025-10099

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educarusuariocad.php of the component Editar usuário Page. This manipulation of the argument email/datainicial/dataexpiracao causes cross site...

4.8CVSS3.2AI score0.00072EPSS

Exploits1References1

OSV•added 2025/09/08 6:15 p.m.•3 views

CVE-2025-10099

4.8CVSS5.8AI score0.00072EPSS

Exploits1References5

Positive Technologies•added 2025/02/19 12:0 a.m.•1 views

PT-2025-7552 · Unknown · Movable Type

Name of the Vulnerable Software and Affected Versions: Movable Type affected versions not specified Description: Movable Type contains a reflected cross-site scripting issue in the user information edit page. When the Multi-Factor authentication plugin is enabled and a user accesses a crafted pag...

6.1CVSS6.6AI score0.00296EPSS

Exploits0References7

OSV•added 2023/10/27 6:15 p.m.•2 views

CVE-2023-5827

A vulnerability was found in Shanghai CTI Navigation CTI Monitoring and Early Warning System 2.2. It has been classified as critical. This affects an unknown part of the file /Web/SysManage/UserEdit.aspx. The manipulation of the argument ID leads to sql injection. The exploit has been disclosed t...

9.8CVSS5.6AI score

Exploits0References3

Positive Technologies•added 2023/10/27 12:0 a.m.•2 views

PT-2023-32359 · Shanghai Cti Navigation · Cti Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Shanghai CTI Navigation CTI Monitoring and Early Warning System version 2.2 Description: A critical issue was found in the system, affecting the /Web/SysManage/UserEdit.aspx file. The manipulation of the ID argument leads to sql injection. Th...

9.8CVSS6.2AI score0.00052EPSS

Exploits1References7

OSV•added 2022/12/30 9:15 p.m.•3 views

CVE-2022-46580

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the usereditpage parameter in the wificaptiveportal function...

9.8CVSS5.8AI score

Exploits0References1

CNNVD•added 2022/12/30 12:0 a.m.•2 views

TRENDnet TEW-755AP 缓冲区错误漏洞

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a buffer overflow vulnerability that stems from a lack of size checking of input data in the usereditpage parameter of the wificaptiveportal function, which can be exploited by an attacker to execute arbitrary...

9.8CVSS8.1AI score0.00436EPSS

Exploits1References2

Positive Technologies•added 2022/12/30 12:0 a.m.•3 views

PT-2022-27908 · Trendnet · Trendnet Tew755Ap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A stack overflow issue was discovered, related to the wifi captive portal function, specifically via the user edit page parameter. Recommendations: For TRENDnet TEW755AP version 1.13B01, consider...

9.8CVSS9.5AI score0.00436EPSS

Exploits1References2