CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2026/02/20 1:22 a.m.•0 views

CVE-2026-27179

MajorDoMo aka Major Domestic Module contains an unauthenticated SQL injection vulnerability in the commands module. The commandssearch.inc.php file directly interpolates the $GET'parent' parameter into multiple SQL queries without sanitization or parameterized queries. The commands module is...

9.8CVSS6.1AI score0.00045EPSS

Exploits2References1

NVD•added 2026/02/18 10:16 p.m.•5 views

CVE-2026-27179

9.8CVSS0.00045EPSS

Exploits2References3

CVE•added 2026/02/18 9:10 p.m.•6 views

CVE-2026-27179

CVE-2026-27179 affects MajorDoMo’s commands module, where commands_search.inc.php interpolates $_GET['parent'] into SQL without sanitization or parameterization. The /objects/?module=commands endpoint is loadable without authentication, enabling arbitrary module calls via their usual() method. Th...

9.8CVSS6.1AI score0.00045EPSS

Exploits2References3Affected Software1

Vulnrichment•added 2026/02/18 9:10 p.m.•2 views

CVE-2026-27179 MajorDoMo Unauthenticated SQL Injection in Commands Module

8.8CVSS6.1AI score0.00045EPSS

Exploits2References3

Cvelist•added 2026/02/18 9:10 p.m.•23 views

CVE-2026-27179 MajorDoMo Unauthenticated SQL Injection in Commands Module

8.8CVSS0.00045EPSS

Exploits2References3

Positive Technologies•added 2026/02/18 12:0 a.m.•1 views

PT-2026-20515

Name of the Vulnerable Software and Affected Versions MajorDoMo affected versions not specified Description MajorDoMo contains an unauthenticated SQL injection issue in the commands module. The commands search.inc.php file directly uses the $ GET'parent' parameter in SQL queries without proper...

8.8CVSS5.9AI score0.00045EPSS

Exploits2References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by