CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

278 matches found

Vulnrichment•added 2026/04/12 12:28 p.m.•2 views

CVE-2019-25709 CF Image Hosting Script 1.6.5 Unauthorized Database Access

CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete all pictures via t...

9.8CVSS5.8AI score0.00607EPSS

Exploits1References4

NVD•added 2026/03/06 1:16 p.m.•6 views

CVE-2018-25180

Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

7.1CVSS0.00194EPSS

Exploits0References2

CVE•added 2026/03/06 12:19 p.m.•7 views

CVE-2018-25180

Maitra 1.7.2 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code via the mailid parameter in the outmail and inmail modules. The same flaw enables attackers to download the SQLite database file directly from the ...

7.1CVSS6.1AI score0.00194EPSS

Exploits0References2

Vulnrichment•added 2026/03/06 12:19 p.m.•4 views

CVE-2018-25180 Maitra 1.7.2 SQL Injection and Database File Download

7.1CVSS6.1AI score0.00194EPSS

Exploits0References2

CNNVD•added 2026/03/06 12:0 a.m.•4 views

Salzer Maitra SQL注入漏洞

Salzer Maitra is a business management software platform developed by the American company Salzer. Version 1.7.2 of Salzer Maitra contains a SQL injection vulnerability. This vulnerability stems from the mailid parameter in the outmail and inmail modules, which allows for SQL injections...

7.1CVSS6.1AI score0.00194EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 11:51 a.m.•10 views

CVE-2009-4765

CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb...

5CVSS6.7AI score0.01353EPSS

Exploits1References1