CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/07 9:27 a.m.•3 views

CVE-2019-12564

In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames...

9.8CVSS7.1AI score0.00381EPSS

EUVD•added 2025/11/15 9:30 a.m.•2 views

EUVD-2025-197699

A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown function of the file upload/include/file.class.php. The manipulation of the argument File leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

5.8CVSS4.5AI score0.00028EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-13121

Malware in sbrugna...

5.3CVSS5.5AI score0.00269EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-26701

Malware in sbrugna...

6.1CVSS6.3AI score0.0024EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-13118

Malware in sbrugna...

4.8CVSS5.1AI score0.00235EPSS

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-13112

Malware in sbrugna...

4.8CVSS5.1AI score0.00235EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-48757

Malicious code in bioql PyPI...

7.2CVSS5.1AI score0.00096EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-49243

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00213EPSS

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-29042

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00427EPSS

RedhatCVE•added 2025/05/23 9:49 a.m.•7 views

CVE-2024-7917

A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument sitefavicon leads to unrestricted upload. The...

7.2CVSS7AI score0.00096EPSS

RedhatCVE•added 2025/05/23 12:15 a.m.•6 views

CVE-2022-46438

A cross-site scripting XSS vulnerability in the /admin/articlecategory.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...

5.4CVSS5.8AI score0.00213EPSS

RedhatCVE•added 2025/05/22 10:29 p.m.•3 views

CVE-2022-24131

DouPHP v1.6 Release 20220121 is affected by Cross Site Scripting XSS through /admin/login.php in the background, which will lead to JavaScript code execution...

6.1CVSS6.2AI score0.00427EPSS

RedhatCVE•added 2025/05/22 6:35 p.m.•5 views

CVE-2021-3370

DouPHP v1.6 was discovered to contain a cross-site scripting XSS vulnerability via /admin/cloud.php...

6.1CVSS6.2AI score0.0024EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:4 a.m.•2 views

CVE-2018-20557

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the pagename parameter...

RedhatCVE•added 2025/05/22 6:59 a.m.•4 views

CVE-2018-20559

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter...

RedhatCVE•added 2025/05/22 6:58 a.m.•4 views

CVE-2018-20561

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.php?rec=update has XSS via the title parameter...

RedhatCVE•added 2025/05/22 5:1 a.m.•3 views

CVE-2018-20564

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/productcategory.php?rec=update has XSS via the catname parameter...

RedhatCVE•added 2025/05/22 3:31 a.m.•2 views

CVE-2018-20558

An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the sitename parameter...

NVD•added 2025/02/06 5:15 p.m.•10 views

CVE-2024-57599

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php...

4.8CVSS0.00115EPSS