CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

262 matches found

NVD•added 2022/11/03 8:15 p.m.•11 views

CVE-2022-43063

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Users.php?f=deleteclient...

7.2CVSS0.00274EPSS

Exploits1References1

NVD•added 2022/08/26 1:15 p.m.•11 views

CVE-2022-37152

An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=saveclient"...

9.8CVSS0.00264EPSS

Exploits1References2

Prion•added 2022/08/26 1:15 p.m.•9 views

Sql injection

An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=saveclient"...

7.5CVSS9.7AI score0.00264EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/08/23 10:40 a.m.•12 views

CVE-2022-2956 ConsoleTVs Noxen users.php cross site scripting

A vulnerability classified as problematic has been found in ConsoleTVs Noxen. Affected is an unknown function of the file /Noxen-master/users.php. The manipulation of the argument createuserusername with the input "alert/xss/ leads to cross site scripting. It is possible to launch the attack...

3.5CVSS6.2AI score0.00224EPSS

Exploits1References2

CNNVD•added 2022/08/23 12:0 a.m.•1 views

Noxen 跨站脚本漏洞

Noxen is an open source content management system from the individual developer Erik C. Forés. Noxen suffers from a cross-site scripting vulnerability that originates from an attacker being able to enter a special string that results in cross-site scripting of the variable createuserusername by a...

6.1CVSS5.2AI score0.00224EPSS

Exploits1References3

OSV•added 2022/07/05 8:15 p.m.•1 views

CVE-2022-32310

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php...

9.8CVSS7.3AI score

Exploits0References1

ATTACKERKB•added 2022/07/05 8:15 p.m.•0 views

CVE-2022-32310

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php...

9.8CVSS5.4AI score0.00358EPSS

Exploits1References2

Prion•added 2022/07/05 8:15 p.m.•9 views

Design/Logic Flaw

An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php...

7.5CVSS9.1AI score0.00358EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2022/07/05 12:0 a.m.•2 views

PT-2022-21222 · Unknown · Ingredients Stock Management System

Name of the Vulnerable Software and Affected Versions: Ingredient Stock Management System version 1.0 Description: An access control issue allows attackers to take over user accounts via a crafted POST request to "/isms/classes/Users.php". Recommendations: For Ingredient Stock Management System...

9.8CVSS9.1AI score0.00358EPSS

Exploits1References4

NVD•added 2022/06/28 12:15 a.m.•11 views

CVE-2022-34134

Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...

8.8CVSS0.00119EPSS

Exploits0References2

OSV•added 2022/06/28 12:15 a.m.•8 views

CVE-2022-34134

Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...

8.8CVSS7.5AI score

Exploits0References2

Prion•added 2022/06/28 12:15 a.m.•12 views

Cross site request forgery (csrf)

Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...

6.8CVSS8.8AI score0.00119EPSS

Exploits0References2Affected Software1

Prion•added 2022/05/24 3:15 p.m.•13 views

Cross site scripting

Covid-19 Travel Pass Management System v1.0 is vulnerable to Cross Site Scripting XSS via /ctpms/classes/Users.php?f=save, firstname...

3.5CVSS5.2AI score0.00206EPSS

Exploits1References1Affected Software1

NVD•added 2022/05/24 2:15 p.m.•8 views

CVE-2022-30460

Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting XSS via /sns/classes/Users.php?f=save, firstname...

5.4CVSS0.00206EPSS

Exploits1References1

NVD•added 2022/05/24 2:15 p.m.•11 views

CVE-2022-30462

Water-billing-management-system v1.0 is affected by: Cross Site Scripting XSS via /wbms/classes/Users.php?f=save, firstname...

5.4CVSS0.00206EPSS

Exploits1References1

Prion•added 2022/05/24 2:15 p.m.•10 views

Cross site scripting

Water-billing-management-system v1.0 is affected by: Cross Site Scripting XSS via /wbms/classes/Users.php?f=save, firstname...

3.5CVSS5.3AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/05/24 1:15 p.m.•13 views

CVE-2022-30460

Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting XSS via /sns/classes/Users.php?f=save, firstname...

5.5AI score0.00206EPSS

Exploits1References1

Prion•added 2022/05/19 9:15 p.m.•10 views

Sql injection

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=saveclient...

4.3CVSS6.8AI score0.00194EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/05/19 8:40 p.m.•12 views

CVE-2022-29652

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/classes/Users.php?f=saveclient...

7AI score0.00194EPSS

Exploits1References2

NVD•added 2022/05/12 4:15 p.m.•7 views

CVE-2022-29746

Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete...

9.8CVSS0.00264EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by