CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

RedhatCVE•added 2025/10/15 4:44 p.m.•1 views

CVE-2025-10610

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure allows Blind SQL Injection.This issue affects Winsure: through Version dated 21.08.2025...

9.8CVSS7.7AI score0.00038EPSS

Exploits0References1

EUVD•added 2025/10/14 3:31 p.m.•1 views

EUVD-2025-34190

9.8CVSS7.1AI score0.00038EPSS

Exploits0References2

NVD•added 2025/10/14 1:15 p.m.•1 views

CVE-2025-10610

9.8CVSS0.00038EPSS

Exploits0References1

Cvelist•added 2025/10/14 12:43 p.m.•4 views

CVE-2025-10610 SQLi in SFS Winsure

9.8CVSS0.00038EPSS

Exploits0References1

Vulnrichment•added 2025/10/14 12:43 p.m.•1 views

CVE-2025-10610 SQLi in SFS Winsure

9.8CVSS7.3AI score0.00038EPSS

Exploits0References1

CVE•added 2025/10/14 12:43 p.m.•12 views

CVE-2025-10610

CVE-2025-10610 corresponds to an SQL injection vulnerability in Winsure (SFS Winsure) caused by improper neutralization of special elements in SQL commands, enabling blind SQL injection. Affected: Winsure versions up to 21.08.2025. Public documentation consistently describes the flaw and its impa...

9.8CVSS7.3AI score0.00038EPSS

Exploits0References1

CNNVD•added 2025/10/14 12:0 a.m.•1 views

SFS Winsure SQL注入漏洞

SFS Winsure is an insurance solution suite from SFS Turkey. SFS Winsure versions 21.08.2025 and earlier suffer from a SQL injection vulnerability that stems from improper neutralization of special elements, which could lead to a blind SQL injection attack...

9.8CVSS7.8AI score0.00038EPSS

Exploits0References1

Positive Technologies•added 2025/10/14 12:0 a.m.•2 views

PT-2025-41894

Name of the Vulnerable Software and Affected Versions Winsure versions through August 21, 2025 Description A flaw exists in Winsure that allows for Blind SQL Injection due to improper neutralization of special elements used in SQL commands. This could allow an attacker to execute arbitrary SQL co...

9.8CVSS7.7AI score0.00038EPSS

Exploits0References5

RedhatCVE•added 2025/05/23 10:34 a.m.•5 views

CVE-2024-7098

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...

9.8CVSS5.8AI score0.00219EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:49 a.m.•6 views

CVE-2024-7104

Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...

9.8CVSS5.8AI score0.00254EPSS

Exploits0References1

ATTACKERKB•added 2024/09/16 3:15 p.m.•1 views

CVE-2024-7098

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...

9.8CVSS5.8AI score0.00219EPSS

Exploits0References3

NVD•added 2024/09/16 3:15 p.m.•13 views

CVE-2024-7104

Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...

9.8CVSS0.00254EPSS

Exploits0References2

ATTACKERKB•added 2024/09/16 3:15 p.m.•1 views

CVE-2024-7104

Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection. This issue affects ww.Winsure: before 4.6.2...

9.8CVSS5.8AI score0.00254EPSS

Exploits0References3

OSV•added 2024/09/16 3:15 p.m.•0 views

CVE-2024-7098

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2...

9.8CVSS5.8AI score

Exploits0References1

NVD•added 2024/09/16 3:15 p.m.•15 views

CVE-2024-7098

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...

9.8CVSS0.00219EPSS

Exploits0References2

OSV•added 2024/09/16 3:15 p.m.•1 views

CVE-2024-7104

Improper Control of Generation of Code 'Code Injection' vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2...

9.8CVSS5.8AI score

Exploits0References1

Cvelist•added 2024/09/16 2:50 p.m.•17 views

CVE-2024-7098 XML Injection in SFS Consulting's ww.Winsure

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...

9.2CVSS0.00219EPSS

Exploits0References2

CVE•added 2024/09/16 2:50 p.m.•45 views

CVE-2024-7098

CVE-2024-7098 corresponds to an Improper Restriction of XML External Entity Reference in SFS Consulting WW.Winsure prior to version 4.6.2, enabling XML Injection. Multiple connected sources (NVD, Red Hat, CVE list) confirm affected product and root cause. Impact is rated critical (high confidenti...

9.8CVSS5.8AI score0.00219EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/09/16 2:50 p.m.•13 views

CVE-2024-7098 XML Injection in SFS Consulting's ww.Winsure

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2...

9.2CVSS5.8AI score0.00219EPSS

Exploits0References2

CNNVD•added 2024/09/16 12:0 a.m.•2 views

SFS Consulting ww.Winsure 代码注入漏洞

SFS Consulting ww.Winsure is an application from SFS Consulting, Inc. A code injection vulnerability exists in SFS Consulting ww.Winsure versions prior to 4.6.2 that stems from improper code generation controls that allow code injection...

9.8CVSS7.5AI score0.00254EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by