CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Positive Technologies•added 2026/03/16 12:0 a.m.•0 views

PT-2026-25724

Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'u id' in /admin/users.php and the POST parameter 'agent' in /admin/mailer.php. Attackers can...

8.8CVSS6.1AI score0.0027EPSS

Exploits1References4

CVE•added 2025/09/26 8:2 p.m.•11 views

CVE-2025-11040

CVE-2025-11040 affects code-projects Hostel Management System 1.0. The vulnerability is a SQL injection in the file /justines/admin/mod_users/index.php?view=view, caused by unsafely manipulating the parameter ID. It is exploitable remotely and an exploit is publicly available. Multiple connected ...

9.8CVSS6.8AI score0.00046EPSS

Exploits1References5Affected Software1

Tenable Nessus•added 2025/09/10 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2018-5690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb...

5.4CVSS5.8AI score0.00163EPSS

Exploits0References2

CNNVD•added 2025/06/05 12:0 a.m.•1 views

NEWS-BUZZ 安全漏洞

NEWS-BUZZ is a news management system by the individual developer ANIRBAN DUTTA that allows users to publish and manage various news content. A security vulnerability exists in NEWS-BUZZ v1.0, which stems from an improper operation of the parameter delete in the file /admin/users.php, which could...

8.8CVSS6.9AI score0.00216EPSS

Exploits1References5

RedhatCVE•added 2025/05/23 1:4 a.m.•3 views

CVE-2022-28439

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&=delete=4...

9.8CVSS8.3AI score0.00264EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:40 p.m.•3 views

CVE-2022-28433

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php=display=Show=...

9.8CVSS8.3AI score0.00264EPSS

Exploits1References1

CNNVD•added 2023/12/26 12:0 a.m.•1 views

Weseek GROWI Security Vulnerability

Weseek GROWI is a team collaboration software from Weseek Japan. A security vulnerability exists in Weseek GROWI versions prior to 6.1.11, which stems from a stored cross-site scripting XSS vulnerability in the User Management /admin/users page...

5.4CVSS5.6AI score0.00492EPSS

Exploits0References3

CNNVD•added 2022/04/26 12:0 a.m.•3 views

ED01-CMS 代码问题漏洞

ED01-CMS is a CMS project in a Udemy course. A security vulnerability exists in ED01-CMS version 20180505, which stems from an arbitrary file upload vulnerability via /admin/users.php?source=edituser&id=1...

8.8CVSS8.1AI score0.00423EPSS

Exploits0References2

ATTACKERKB•added 2022/04/21 8:15 p.m.•1 views

CVE-2022-28439

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4...

9.8CVSS5.9AI score0.00264EPSS

Exploits1References2

CNNVD•added 2022/04/21 12:0 a.m.•1 views

Sourcecodester Baby Care System SQL注入漏洞

Sourcecodester Baby Care System is an application of the Sourcecodester community in the United States. Sourcecodester Baby Care System v1.0 contains a SQL injection vulnerability that originates from the lack of validation of external input SQL statements in the userid parameter in...

9.8CVSS6.2AI score0.00264EPSS

Exploits1References2