CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2026/01/09 12:10 p.m.•4 views

CVE-2018-18802

The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/modusers/controller.php?action=edit...

8.8CVSS7AI score0.00227EPSS

Exploits1References1

EUVD•added 2025/11/28 12:0 a.m.•3 views

EUVD-2025-199868

UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges e.g., obtain a higher role such as admin via the user-edit endpoint by supplying or modifying roleid or organisationid fields in the edit request...

9.4CVSS6.5AI score0.00052EPSS

Exploits0References4

Cvelist•added 2025/11/28 12:0 a.m.•6 views

CVE-2025-66385

9.4CVSS0.00052EPSS

Exploits0References3

OSV•added 2022/08/05 9:15 p.m.•2 views

CVE-2022-35163

Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the UNAME parameter at /category/controller.php?action=edit...

4.8CVSS5.7AI score0.00257EPSS

Exploits1References1

OSV•added 2019/06/18 4:15 p.m.•2 views

CVE-2018-18802

The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/modusers/controller.php?action=edit...

8.8CVSS5.8AI score0.00227EPSS

Exploits1References2

OSV•added 2018/11/16 6:29 p.m.•2 views

CVE-2018-18794

School Event Management System 1.0 allows CSRF via user/controller.php?action=edit...

8.8CVSS5.8AI score0.00236EPSS

Exploits5References2