CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-22156

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00295EPSS

Exploits0References1

RedhatCVE•added 2025/07/23 12:57 a.m.•6 views

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

7.5CVSS7AI score0.00295EPSS

Exploits0References1

NVD•added 2025/07/21 8:15 p.m.•3 views

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

7.5CVSS0.00295EPSS

Exploits0References1

Cvelist•added 2025/07/21 12:0 a.m.•7 views

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

0.00295EPSS

Exploits0References1

CVE•added 2025/07/21 12:0 a.m.•11 views

CVE-2025-51868

CVE-2025-51868 describes an Insecure Direct Object Reference (IDOR) in Dippy v2. An attacker can access sensitive information through the conversation_id parameter of the conversation_history endpoint, leading to disclosure of other users’ conversation histories. Affected: Dippy version 2 (chat.d...

7.5CVSS6.3AI score0.00295EPSS

Exploits0References1

Vulnrichment•added 2025/07/21 12:0 a.m.•4 views

CVE-2025-51868

Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...

6.3AI score0.00295EPSS

Exploits0References1

RedhatCVE•added 2025/02/14 7:51 a.m.•4 views

CVE-2024-34934

A SQL injection vulnerability in /view/emarksrangegradeupdateform.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the conversationid parameter...

9.8CVSS8.5AI score0.00122EPSS

Exploits1References1

OSV•added 2024/05/23 5:15 p.m.•0 views

CVE-2024-34934

9.8CVSS6.1AI score

Exploits0References1

Cvelist•added 2024/05/23 4:33 p.m.•14 views

CVE-2024-34934

8.1AI score0.00122EPSS

Exploits1References1

Vulnrichment•added 2024/05/23 4:33 p.m.•13 views

CVE-2024-34934

8.8AI score0.00122EPSS

Exploits1References1

0day.today•added 2021/09/15 12:0 a.m.•192 views

Support Board 3.3.3 - Multiple SQL Injection (Unauthenticated) Vulnerability

Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LTS ----- PoC 1:...

0.6AI score

Exploits0

NVD•added 2004/12/31 5:0 a.m.•7 views

CVE-2004-2246

Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...

4.3CVSS5.8AI score0.00533EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by