CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

Positive Technologies•added 2026/04/07 12:0 a.m.•4 views

PT-2026-31005

Plane is an an open-source project management tool. Prior to 1.3.0, the IssueBulkUpdateDateEndpoint allows a project member ADMIN or MEMBER to modify the start date and target date of ANY issue across the entire Plane instance, regardless of workspace or project membership. The endpoint fetches...

6.5CVSS5.9AI score0.00036EPSS

Exploits1References3

EUVD•added 2026/03/26 6:30 a.m.•2 views

EUVD-2026-16118

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is an unknown function of the file /admin/Member/index.html. This manipulation of the argument Search causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been published and may be used. The...

5.3CVSS4.2AI score0.00013EPSS

Exploits0References5

NVD•added 2026/03/26 6:16 a.m.•2 views

CVE-2026-4845

5.3CVSS0.00013EPSS

Exploits0References4

ATTACKERKB•added 2026/03/26 5:31 a.m.•1 views

CVE-2026-4845

5.3CVSS4.2AI score0.00013EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/03/26 5:31 a.m.•27 views

CVE-2026-4845 dameng100 muucmf index.html cross site scripting

5.3CVSS0.00013EPSS

Exploits0References4

CVE•added 2026/03/26 5:31 a.m.•5 views

CVE-2026-4845

CVE-2026-4845 affects dameng100 muucmf 1.9.5.20260309: an unknown function in /admin/Member/index.html is vulnerable. Manipulating the Search argument triggers cross-site scripting (XSS). The issue can be initiated remotely, and an exploit has been published. Vendor was contacted but did not resp...

5.3CVSS4.2AI score0.00013EPSS

Exploits0References4

CNNVD•added 2026/03/26 12:0 a.m.•4 views

MuuCmf 代码注入漏洞

MuuCmf is an open-source application development framework created by Dameng100. Version muucmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters in the file admin/Member/index.html, specifically the parameter Search, which may...

5.3CVSS5.7AI score0.00013EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-7643

Malware in sbrugna...

5.4CVSS5.4AI score0.00455EPSS

Exploits5References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-3053

Malware in sbrugna...

6.5CVSS6.5AI score0.00273EPSS

Exploits5References5

RedhatCVE•added 2025/05/23 9:4 a.m.•1 views

CVE-2024-7276

A vulnerability has been found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/membersave.php. The manipulation of the argument last/first leads to sql injection. The attack can be launched...

7.2CVSS7.8AI score0.00063EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:32 a.m.•5 views

CVE-2019-17225

Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue...

5.4CVSS5.8AI score0.00455EPSS

Exploits5References1

OSV•added 2025/05/18 8:15 a.m.•0 views

CVE-2025-4865

A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/membersave.php. The manipulation of the argument last leads to sql injection. The attack may be initiated remotely. The exploit has...

9.8CVSS5.8AI score0.00204EPSS

Exploits1References5

OSV•added 2025/04/07 5:15 a.m.•1 views

CVE-2025-3336

A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/membersave.php. The manipulation of the argument last leads to sql injection. The attack can be initiated remotely. The...

6.9CVSS6.9AI score

Exploits0References4

OSV•added 2024/07/30 11:15 p.m.•0 views

CVE-2024-7276

7.2CVSS5.7AI score0.00063EPSS

Exploits1References4

CNNVD•added 2024/07/30 12:0 a.m.•2 views

itsourcecode Alton Management System SQL注入漏洞

Alton Management System is an open source content management system from itsourcecode. A SQL injection vulnerability exists in version 1.0 of itsourcecode Alton Management System, which is caused by a SQL injection vulnerability in the last/first function of the /admin/membersave.php page...

7.2CVSS5.7AI score0.00063EPSS

Exploits1References2

Positive Technologies•added 2024/07/30 12:0 a.m.•1 views

PT-2024-38225 · Unknown · Alton Management System

Name of the Vulnerable Software and Affected Versions: Alton Management System version 1.0 Description: A critical issue has been found in the Alton Management System, affecting an unknown functionality of the file /admin/member save.php. The manipulation of the last and first arguments leads to...

7.2CVSS5.8AI score0.00063EPSS

Exploits1References7

0day.today•added 2019/10/07 12:0 a.m.•84 views

Subrion 4.2.1 - (Email) Persistant Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Title: Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting Author: Min Ko Ko Creatigon Vendor Homepage: https://subrion.org/ CVE : https://nvd.nist.gov/vuln/detail/CVE-2019-17225 Website : https://l33thacker.com Description : Allows XSS vi...

3.5CVSS5.6AI score0.00455EPSS

Exploits5

Exploit DB•added 2019/10/07 12:0 a.m.•318 views

Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting

Title: Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting Date: 2019-10-07 Author: Min Ko Ko Creatigon Vendor Homepage: https://subrion.org/ CVE : https://nvd.nist.gov/vuln/detail/CVE-2019-17225 Website : https://l33thacker.com Description : Allows XSS via the panel/members/ Username, Full...

5.4CVSS5.8AI score0.00455EPSS

Exploits5