CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

342 matches found

Packet Storm•added 2026/02/11 12:0 a.m.•116 views

📄 motionEye 0.43.1b4 Remote Code Execution

Client-side validation in motionEye's web UI can be bypassed via overriding the JS validation function. Arbitrary values including shell interpolation syntax can be saved into the motion config. When motion is restarted, the motion process interprets the config and can execute shell syntax embedd...

7.2CVSS5.5AI score0.57917EPSS

Exploits16

Exploit DB•added 2026/02/11 12:0 a.m.•206 views

motionEye 0.43.1b4 - RCE

Exploit Title: motionEye 0.43.1b4 - RCE Exploit PoC: motionEye RCE via client-side validation bypass safe PoC Filename: motioneyercepocedb.txt Author: prabhatverma47 Date tested: 2025-05-14 original test; prepared for submission: 2025-10-11 Affected Versions: motionEye = 0.43.1b4 Tested on: Debia...

7.2CVSS5.4AI score0.57917EPSS

Exploits16

RedhatCVE•added 2026/01/09 10:58 a.m.•1 views

CVE-2025-61546

There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...

9.1CVSS5.6AI score0.00026EPSS

Exploits2References1

OSV•added 2026/01/08 5:15 p.m.•1 views

CVE-2025-61546

9.1CVSS5.9AI score0.00026EPSS

Exploits2References1

NVD•added 2026/01/08 5:15 p.m.•3 views

CVE-2025-61546

9.1CVSS0.00026EPSS

Exploits2References1

CVE•added 2026/01/08 12:0 a.m.•6 views

CVE-2025-61546

CVE-2025-61546 affects edu Business Solutions Print Shop Pro WebDesk 18.34. The issue is in the GetUnitPrice API at /PSP/appNET/Store/CartV12.aspx, caused by reliance on client-side input validation, allowing a remote attacker to create financial discrepancies by purchasing items with a negative ...

9.1CVSS5.6AI score0.00026EPSS

Exploits2References1Affected Software1

Cvelist•added 2026/01/08 12:0 a.m.•18 views

CVE-2025-61546

0.00026EPSS

Exploits2References1

CNNVD•added 2026/01/08 12:0 a.m.•2 views

edu Business Solutions Print Shop Pro WebDesk 安全漏洞

edu Business Solutions Print Shop Pro WebDesk is a print order management system from US-based edu Business Solutions. A security vulnerability exists in edu Business Solutions Print Shop Pro WebDesk version 18.34, which stems from insufficient validation of client-side inputs and could lead to a...

9.1CVSS6.6AI score0.00026EPSS

Exploits2References2

Positive Technologies•added 2026/01/08 12:0 a.m.•3 views

PT-2026-1827

Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk version 18.34 Description A flaw exists in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice API endpoint that allows a remote attacker to create financial discrepancies. This is possible by purchasi...

9.1CVSS6.6AI score0.00026EPSS

Exploits2References4

CVE•added 2025/12/24 7:27 p.m.•10 views

CVE-2019-25235

The CVE-2019-25235 entry concerns Smartwares HOME easy 1.0.9, where an authentication bypass vulnerability allows unauthenticated attackers to access administrative web pages by disabling JavaScript. This enables navigation to multiple administrative endpoints and bypass of client-side validation...

9.8CVSS7.2AI score0.00323EPSS

Exploits1References3

Vulnrichment•added 2025/12/24 7:27 p.m.•1 views

CVE-2019-25235 Smartwares HOME easy 1.0.9 Client-Side Authentication Bypass via Web Pages

Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system...

9.8CVSS7.2AI score0.00323EPSS

Exploits1References3

Cvelist•added 2025/12/24 7:27 p.m.•25 views

CVE-2019-25235 Smartwares HOME easy 1.0.9 Client-Side Authentication Bypass via Web Pages

9.8CVSS0.00323EPSS

Exploits1References3