CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-10307

Malware in sbrugna...

5.3CVSS5.5AI score0.00091EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 7:38 a.m.•4 views

CVE-2018-18587

BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash...

5.3CVSS7AI score0.00091EPSS

Exploits0References1

OSV•added 2021/01/22 6:15 p.m.•11 views

CVE-2021-21260

Online Invoicing System OIS is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf...

5.4CVSS5.8AI score

Exploits0References2

NVD•added 2021/01/22 6:15 p.m.•9 views

CVE-2021-21260

7.6CVSS7.3AI score0.00206EPSS

Exploits1References2

CVE•added 2021/01/22 5:20 p.m.•64 views

CVE-2021-21260

The CVE-2021-21260 entry describes a stored XSS in Online Invoicing System (OIS) v4.0, caused by unsanitized input reflected in app/items_view.php (Item description). This enables an attacker to potentially takeover an admin account by injecting a payload that extracts a CSRF token and issues a p...

7.6CVSS5.6AI score0.00206EPSS

Exploits1References2Affected Software1

CNVD•added 2020/12/25 12:0 a.m.•6 views

BigProf Online Invoicing System Cross-Site Scripting Vulnerability (CNVD-2021-06952)

BigProf Online Invoicing System OIS is an easy invoicing tool for small businesses, consultants and freelancers created using AppGini. A stored cross-site scripting vulnerability exists in BigProf Online Invoicing System versions prior to 4.0. The vulnerability stems from the product failing to...

4.8CVSS5.7AI score0.0011EPSS

Exploits0References1

CNVD•added 2020/12/25 12:0 a.m.•7 views

BigProf Online Invoicing System Cross-Site Scripting Vulnerability (CNVD-2021-06953)

BigProf Online Invoicing System OIS is an easy invoicing tool for small businesses, consultants and freelancers created using AppGini. A cross-site scripting vulnerability exists in app/membershipsignup.php and app/admin/pageViewMembers.php in BigProf Online Invoicing System versions prior to 3.1...

6.1CVSS6.5AI score0.0024EPSS

Exploits1References1

exploitpack•added 2019/12/04 12:0 a.m.•20 views

Online Clinic Management System 2.2 - HTML Injection

Online Clinic Management System 2.2 - HTML Injection Exploit Title: Online Clinic Management System 2.2 - HTML Injection Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link :...

7.6AI score

Exploits0

0day.today•added 2019/12/04 12:0 a.m.•245 views

Online Clinic Management System 2.2 - HTML Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Clinic Management System 2.2 - HTML Injection Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system...

7.1AI score

Exploits0

Packet Storm•added 2019/11/29 12:0 a.m.•231 views

Online Inventory Manager 3.2 Cross Site Scripting

Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software : Online Inventory Manager Version : 3....

7.4AI score

Exploits0

0day.today•added 2019/11/29 12:0 a.m.•78 views

Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software :...

7.1AI score

Exploits0

exploitpack•added 2019/11/29 12:0 a.m.•19 views

Online Inventory Manager 3.2 - Persistent Cross-Site Scripting

Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link :...

6.8AI score

Exploits0

CNVD•added 2018/10/24 12:0 a.m.•1 views

BigProf AppGini Information Disclosure Vulnerability

BigProf AppGini is a suite of platforms for creating responsive data management applications from BigProf Software, Egypt. A security vulnerability exists in BigProf AppGini version 5.70 that stems from the program's use of MD5 hashing to store passwords in the database. An attacker could exploit...

6.1CVSS5.7AI score0.00091EPSS

Exploits0References1

OSV•added 2018/10/23 12:29 p.m.•1 views

CVE-2018-18587

BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash...

5.3CVSS5.8AI score

Exploits0References1

NVD•added 2018/10/23 12:29 p.m.•8 views

CVE-2018-18587

BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash...

5.3CVSS5.3AI score0.00091EPSS

Exploits0References1

CVE•added 2018/10/23 12:0 p.m.•43 views

CVE-2018-18587

CVE-2018-18587 affects BigProf AppGini 5.70, where passwords are stored in the database using MD5. The root cause is the use of MD5 hashing for password storage, leading to potential compromise of credentials (information disclosure). Connected sources corroborate the MD5-based storage in AppGini...

5.3CVSS5.3AI score0.00091EPSS

Exploits0References1Affected Software1