CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Positive Technologies•added 2026/02/06 12:0 a.m.•4 views

PT-2026-6772

Name of the Vulnerable Software and Affected Versions OpenSTAManager versions 2.9.8 and earlier Description OpenSTAManager contains a critical Time-Based Blind SQL Injection vulnerability in the article pricing completion handler. The application does not properly sanitize the idarticolo paramete...

8.7CVSS6.3AI score0.00013EPSS

Exploits3References7

Veracode•added 2017/07/30 9:53 p.m.•22 views

Feedback Activity Restriction Bypass

Moodle is vulnerable to feedback activity restriction bypass. The availability dates for feedback are not honored in complete.php allowing authenticated attackers to access the feedback activity when it shouldn't be available...

4.9CVSS6AI score0.00171EPSS

Exploits0References3Affected Software1

Openbugbounty•added 2017/01/13 10:25 a.m.•9 views

кизима.рф XSS vulnerability

Vulnerable URL: http://кизима.рф/complete.php?orderid=51891="="=xz Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 443582 VIP website status:| No Coordinated Disclosure Timeline:...

6.3AI score

Exploits0

UbuntuCve•added 2012/07/23 9:55 p.m.•13 views

CVE-2012-3395

SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data...

6.5CVSS6.2AI score0.00349EPSS

Exploits0References2

Prion•added 2008/10/31 6:9 p.m.•10 views

Cross site scripting

Cross-site scripting XSS vulnerability in complete.php in Simple PHP Scripts blog 0.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6.1AI score0.00225EPSS

Exploits1References2Affected Software1

CVE•added 2008/10/31 4:42 p.m.•35 views

CVE-2008-4802

CVE-2008-4802 is described as a Cross-site scripting (XSS) vulnerability in complete.php of Simple PHP Scripts blog 0.3, where an attacker can inject arbitrary script or HTML via the id parameter. The root cause is unsanitized user input in that parameter. Affected product/component: Simple PHP S...

4.3CVSS5.7AI score0.00225EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by