CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1599 matches found

RedhatCVE•added 2025/05/22 4:6 p.m.•5 views

CVE-2020-21003

Pbootcms v2.0.3 is vulnerable to Cross Site Scripting XSS via admin.php...

4.8CVSS6.1AI score0.00482EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:5 p.m.•13 views

CVE-2020-21564

An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files...

8.8CVSS7.3AI score0.03312EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:46 p.m.•5 views

CVE-2020-21505

waimai Super Cms 20150505 contains a cross-site scripting XSS vulnerability in the component /admin.php/Link/addsave...

6.1CVSS5.8AI score0.00641EPSS

Exploits1

RedhatCVE•added 2025/05/22 12:8 p.m.•6 views

CVE-2012-4279

Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the 1 view parameter to agentdisplay.php or 2 edit parameter to admin/admin.php...

7.5CVSS9AI score0.01119EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:50 a.m.•4 views

CVE-2019-7587

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function...

9.8CVSS8.2AI score0.01505EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:48 a.m.•7 views

CVE-2019-9912

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO...

6.1CVSS6AI score0.03028EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:4 a.m.•14 views

CVE-2018-20604

Lei Feng TV CMS aka LFCMS 3.8.6 allows Directory Traversal via crafted use of .. in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/web........1.txt.html URI to read the 1.txt file...

4.9CVSS6.8AI score0.01369EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 5:27 a.m.•4 views

CVE-2015-9292

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

8.8CVSS7.2AI score0.00614EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 9:43 p.m.•3 views

CVE-2005-2203

login.php in phpWishlist before 0.1.15 allows remote attackers to bypass authentication via a direct request to admin.php...

7.5CVSS7.3AI score0.01481EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 9:8 p.m.•5 views

CVE-2009-0275

Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticated administrators to inject arbitrary PHP code into config/header via the header parameter. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2009-0250. NOTE: the provenance...

6.5CVSS7AI score0.06282EPSS

Exploits1References1

RedhatCVE•added 2025/05/21 7:17 p.m.•6 views

CVE-2008-1228

Cross-site scripting XSS vulnerability in admin.php in MG2 formerly Minigal allows remote attackers to inject arbitrary web script or HTML via the list parameter in an import action...

4.3CVSS5.9AI score0.01189EPSS

Exploits1References1

CNNVD•added 2025/05/09 12:0 a.m.•2 views

CampCodes Online Food Ordering System 注入漏洞

CampCodes Online Food Ordering System is an online food ordering system from CampCodes, Inc. An injection vulnerability exists in CampCodes Online Food Ordering System version 1.0, which originates from SQL injection due to parameter ID manipulation in file /view-ticket-admin.php...

9.8CVSS7.8AI score0.00547EPSS

Exploits1References6

RedhatCVE•added 2025/05/07 12:24 a.m.•22 views

CVE-2025-45751

SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting XSS in add-admin.php via the Fullname text field...

6.1CVSS6.1AI score0.00241EPSS

Exploits1References1

OSV•added 2025/05/05 2:15 p.m.•2 views

CVE-2025-45751

SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting XSS in add-admin.php via the Fullname text field...

6.1CVSS5.8AI score0.00241EPSS

Exploits1References2

NVD•added 2025/05/05 2:15 p.m.•41 views

CVE-2025-45751

SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting XSS in add-admin.php via the Fullname text field...

6.1CVSS0.00241EPSS

Exploits1References2

Cvelist•added 2025/04/20 4:0 a.m.•30 views

CVE-2025-3821 SourceCodester Web-based Pharmacy Product Management System add-admin.php cross site scripting

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file add-admin.php. The manipulation of the argument txtpassword/txtfullname/txtemail leads to cross site scripting. Th...

4.8CVSS0.00294EPSS

Exploits1References5

CVE•added 2025/04/20 4:0 a.m.•69 views

CVE-2025-3821

CVE-2025-3821 affects SourceCodester Web-based Pharmacy Product Management System 1.0. The vulnerability resides in add-admin.php, where improper handling of the inputs txtpassword, txtfullname, and txtemail enables cross-site scripting. The issue is exploitable remotely and has public exploits. ...

5.4CVSS3.5AI score0.00294EPSS

Exploits1References5Affected Software1

CNNVD•added 2025/04/14 12:0 a.m.•3 views

PHPSHE 注入漏洞

PHPSHE is a set of online shopping mall system of China Lingbao Jane Hao Network Technology PHPSHE company. The system supports express tracking, online chat, order evaluation and statistics and other functions. PHPSHE 1.8 version of the existence of injection vulnerability, the vulnerability ste...

9.8CVSS6.9AI score0.00419EPSS

Exploits1References5

RedhatCVE•added 2025/04/11 3:46 a.m.•16 views

CVE-2025-29389

PbootCMS v3.2.9 contains a XSS vulnerability in admin.php?p=/Content/index/mcode/2tab=t2...

6.1CVSS6.1AI score0.00214EPSS

Exploits1References1

Positive Technologies•added 2025/04/09 12:0 a.m.•3 views

PT-2025-15698 · Pbootcms · Pbootcms

Name of the Vulnerable Software and Affected Versions: PbootCMS version 3.2.9 Description: The issue is related to a XSS vulnerability. It affects the "admin.php?p=/Content/index/mcode/2tab=t2" endpoint. Recommendations: For PbootCMS version 3.2.9, update to a version that fixes this issue, as th...

6.1CVSS5.6AI score0.00214EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by