CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

Cvelist•added 2026/06/09 12:21 a.m.•36 views

CVE-2026-44755 Email Spoofing vulnerability in SAP Business Objects Business Intelligence Platform

SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerability has a low impact on integrity and does not affect the confidentiality and availability of th...

4.3CVSS0.00109EPSS

Exploits0References2

EUVD•added 2026/06/09 12:21 a.m.•8 views

EUVD-2026-35287

4.3CVSS5.5AI score0.00109EPSS

Exploits0References2

CNNVD•added 2026/05/25 12:0 a.m.•10 views

Softneta MedDream PACS Server Premium SQL注入漏洞

Softneta MedDream PACS Server Premium is a medical image storage and reading platform from Softneta. A SQL injection vulnerability exists in Softneta MedDream PACS Server Premium version 6.7.1.1, which originates from malicious code injection via email parameters and could lead to execution of...

8.8CVSS6.2AI score0.00305EPSS

Exploits0References2

CNNVD•added 2026/03/24 12:0 a.m.•6 views

NetArt Media Vlog System SQL注入漏洞

NetArt Media Vlog System is a platform system developed by NetArt Media in Bulgaria, designed for building video blog websites and managing video content along with user interactions. The NetArt Media Vlog System has a SQL injection vulnerability. This vulnerability stems from SQL injection...

8.8CVSS5.9AI score0.00267EPSS

Exploits0References3

CNNVD•added 2026/03/12 12:0 a.m.•3 views

Netartmedia PHP Dating Site SQL注入漏洞

Netartmedia PHP Dating Site is a dating website system operated by the Bulgarian company Netartmedia. The Netartmedia PHP Dating Site has a SQL injection vulnerability, which stems from SQL injections in email parameters. This vulnerability could allow unverified attackers to manipulate database...

8.8CVSS5.9AI score0.00254EPSS

Exploits0References2

CNNVD•added 2026/03/12 12:0 a.m.•5 views

Netartmedia Deals Portal SQL注入漏洞

Netartmedia Deals Portal is a discount trading website system operated by the Bulgarian company Netartmedia. The Netartmedia Deals Portal has a SQL injection vulnerability, which stems from SQL injection attacks in email parameters. This vulnerability could allow unverified attackers to manipulat...

8.8CVSS5.9AI score0.00304EPSS

Exploits0References2

CNNVD•added 2026/03/12 12:0 a.m.•4 views

Netartmedia PHP Business Directory SQL注入漏洞

Netartmedia PHP Business Directory is a commercial directory website system developed by Netartmedia Company in Bulgaria. Version 4.2 of Netartmedia PHP Business Directory has a SQL injection vulnerability. This vulnerability stems from the Email parameters being subject to SQL injections, which...

8.8CVSS5.8AI score0.00304EPSS

Exploits0References2

CNNVD•added 2026/03/12 12:0 a.m.•5 views

Netartmedia Jobs Portal SQL注入漏洞

Netartmedia Jobs Portal is an online recruitment website system operated by the Bulgarian company Netartmedia. Version 6.1 of Netartmedia Jobs Portal has a SQL injection vulnerability. This vulnerability stems from SQL injection in email parameters, which could allow unverified attackers to...

8.8CVSS5.8AI score0.00318EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2009-4320

Malware in sbrugna...

4.3CVSS6.4AI score0.01065EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-53974

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00234EPSS

Exploits0References1

NVD•added 2025/09/22 2:15 p.m.•3 views

CVE-2025-10800

A weakness has been identified in itsourcecode Online Discussion Forum 1.0. The impacted element is an unknown function of the file /index.php. Executing manipulation of the argument email/password can lead to sql injection. The attack can be executed remotely. The exploit has been made available...

9.8CVSS0.00441EPSS

Exploits1References7

RedhatCVE•added 2025/05/22 10:35 p.m.•10 views

CVE-2022-26990

Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. This vulnerability allows attackers...

9.8CVSS8.6AI score0.02901EPSS

Exploits1References1

Cvelist•added 2024/10/25 12:0 a.m.•28 views

CVE-2022-30355

OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required...

0.00459EPSS

Exploits0References1

CNNVD•added 2024/08/28 12:0 a.m.•4 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 that stems from an inability to validate email parameters that confirm an operation, resulting in an insecure direct object reference...

7.3CVSS6.5AI score0.00297EPSS

Exploits0References4

CNNVD•added 2024/07/09 12:0 a.m.•3 views

Online Discussion Forum Security Vulnerabilities

Online Discussion Forum is a forum website. A security vulnerability exists in Online Discussion Forum version 1.0, which originates from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via email parameters...

8.2CVSS8.6AI score0.00454EPSS

Exploits1References2

OSV•added 2022/05/13 1:13 a.m.•20 views

GHSA-4C5W-QQFG-GRF3 Symphony CMS XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in content/content.systempreferences.php in Symphony CMS before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 emailsendmailfromname, 2 emailsendmailfromaddress, 3 emailsmtpfromname, 4 emailsmtpfromaddress, 5...

6.1CVSS6.1AI score0.01767EPSS

Exploits1References6

Github Security Blog•added 2022/04/29 1:25 a.m.•31 views

Mailman Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the 1 email or 2 language parameters...

4.3CVSS6AI score0.04721EPSS

Exploits0References9Affected Software1

OSV•added 2022/04/29 1:25 a.m.•29 views

GHSA-82RM-28Q9-435P Mailman Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the 1 email or 2 language parameters...

4.3CVSS5.3AI score0.04721EPSS

Exploits0References8

CNVD•added 2022/04/07 12:0 a.m.•13 views

SourceCodester Employee Performance Evaluation SQL注入漏洞

SourceCodester Employee Performance Evaluation is a Php-based site builder for employee performance management from SourceCodester. sourceCodester Employee Performance Evaluation SQL injection vulnerability, which can be exploited by attackers to perform SQL injection via email parameters...

9.8CVSS4.2AI score0.01254EPSS

Exploits1References1

CNNVD•added 2022/04/05 12:0 a.m.•3 views

SourceCodester Employee Performance Evaluation System SQL注入漏洞

9.8CVSS5.8AI score0.01254EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by