7 matches found
PT-2025-14097
Name of the Vulnerable Software and Affected Versions: Apache Camel versions 4.8.0 through 4.8.5; Apache Camel versions 4.10.0 through 4.10.2. Description: The issue is related to a Bypass/Injection vulnerability in the Apache Camel-Undertow component. This vulnerability allows an attacker to include...
CVE-2025-29891
Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...
CVE-2025-27636
Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS an...
Authorization Bypass
secure_headers is vulnerable to authorization bypass. A semicolon character can be used to inject additional values and override arbitrary directives in the Content-Security-Policy header via append/override_content_security_policy_directives...
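CmsEasy_5.5_UTF-8_20140420 has a stored XSS that can target administrators and peer users
Brief description: CmsEasy_5.5_UTF-8_20140420 has a stored XSS that can target administrators and peer users. Details: Case 1 (attacking the administrator): After registering a user, visit /CmsEasy_5.5_UTF-8_20140420/uploads/bbs/add-archive.php?cid=1 to create a post, entering the following as the subject: " oninput=alert1 Then log in as the administrator, as shown in the figure: Click "Edit" under "Actions"; when the administrator notices the problem and deletes or modifies the content, the XSS is triggered, as shown in the figure: Case 2 (attacking peer users):...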
destoon full version SQL injection vulnerability-vulnerability warning-the black bar safety net
In include/global.func.php, the stripsql function filters the incoming values, but this limit can be bypassed to achieve injection across the full version. function stripsql$string $search =...
E-Calendar Pro 3.0 [ login bypass & injection sql (post)]
vendor site:http://www.futuretec-soft.com/ product:E-Calendar Pro 3.0 bug:login bypass & injection sql post risk:high login bypass : username: 'or''=' passwd: 'or''=' injection sql post: in : /search.asp post your query into the search engine . laurent gaffie & benjamin mosse http://s-a-p.ca/...