CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

82202 matches found

EUVD•added 2026/01/04 12:2 p.m.•3 views

EUVD-2026-0779

A vulnerability has been found in code-projects Online Product Reservation System 1.0. Affected by this issue is some unknown functionality of the file /handgunner-administrator/delete.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The explo...

7.5CVSS7.2AI score0.00466EPSS

Exploits1References8

Cvelist•added 2026/01/04 11:32 a.m.•24 views

CVE-2025-15443 CRMEB product_export sql injection

A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...

5.8CVSS0.00329EPSS

Exploits1References5

GithubExploit•added 2026/01/04 10:33 a.m.•123 views

sql_injections

No d...

7AI score

Exploits0

ATTACKERKB•added 2026/01/04 9:2 a.m.•4 views

CVE-2026-0576

A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. I...

9.8CVSS7.2AI score0.00374EPSS

Exploits1References6Affected Software1

CNNVD•added 2026/01/04 12:0 a.m.•5 views

CRMEB SQL注入漏洞

CRMEB is a Java mall system of CRMEB open source. A SQL injection vulnerability exists in CRMEB 5.6.1 and earlier versions, which originates from the incorrect operation of the parameter cateid in the file /adminapi/product/productexport, which could lead to a SQL injection attack...

7.2CVSS5.5AI score0.00329EPSS

Exploits1References6

CNNVD•added 2026/01/04 12:0 a.m.•2 views

编号撤回

Seeyon Zhiyuan OA Web Application System is a comprehensive office automation platform from Seeyon. A SQL injection vulnerability exists in Seeyon Zhiyuan OA Web Application System version 20251223 and earlier versions, which originates from the incorrect operation of the parameter unitCode in th...

7.2AI score0.00035EPSS

Exploits0References5

Positive Technologies•added 2026/01/04 12:0 a.m.•5 views

PT-2026-1185

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A security issue exists in code-projects Online Product Reservation System 1.0. The issue affects an unknown function within the /handgunner-administrator/adminlogin.php...

7.5CVSS7.3AI score0.00374EPSS

Exploits1References12

Positive Technologies•added 2026/01/04 12:0 a.m.•3 views

PT-2026-1193

Name of the Vulnerable Software and Affected Versions Craft versions 5.0.0-RC1 through 5.8.20 Craft versions 3.0.0 through 4.16.16 Description Unauthenticated users can initiate database backup operations through certain administrative actions. This could lead to resource exhaustion or informatio...

8.3CVSS6.5AI score0.00471EPSS

Exploits1References8

Positive Technologies•added 2026/01/04 12:0 a.m.•5 views

PT-2026-1190

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A flaw exists in an unknown functionality within the /handgunner-administrator/delete.php file. Manipulation of the ID parameter results in a SQL injection condition. This...

7.5CVSS7.3AI score0.00466EPSS

Exploits1References12

Tenable Nessus•added 2026/01/04 12:0 a.m.•4 views

TencentOS Server 4: util-linux (TSSA-2025:0975)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0975 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.1CVSS5.7AI score0.00176EPSS

Exploits0References2

RedhatCVE•added 2026/01/03 10:4 a.m.•13 views

CVE-2026-0546

A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00406EPSS

Exploits1References1

Cvelist•added 2026/01/02 7:2 p.m.•29 views

CVE-2026-0570 code-projects Online Music Site Feedback.php sql injection

A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

7.5CVSS0.00385EPSS

Exploits1References5

Vulnrichment•added 2026/01/02 7:2 p.m.•3 views

CVE-2026-0570 code-projects Online Music Site Feedback.php sql injection

7.5CVSS7.2AI score0.00385EPSS

Exploits1References5

Vulnrichment•added 2026/01/02 6:32 p.m.•4 views

CVE-2026-0569 code-projects Online Music Site AlbumByCategory.php sql injection

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

7.5CVSS6.8AI score0.00326EPSS

Exploits1References5

EUVD•added 2026/01/02 6:30 p.m.•1 views

EUVD-2026-0133

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score

Exploits0References1

EUVD•added 2026/01/02 6:30 p.m.•1 views

EUVD-2026-0114

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score

Exploits0References1