CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE•added 2025/12/05 3:28 a.m.•11 views

CVE-2025-13066

CVE-2025-13066 refers to the WordPress plugin Demo Importer Plus (versions up to and including 2.0.6) with an authenticated file upload flaw: insufficient file-type validation allows WXR files, letting double-extension files bypass sanitization and upload arbitrary files. The vulnerability requir...

8.8CVSS7.1AI score0.00092EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-17688

Malware in sbrugna...

6.1CVSS6.3AI score0.00301EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-5581

Malware in sbrugna...

8.3CVSS8.1AI score0.00178EPSS

Exploits1References3

RedhatCVE•added 2025/05/22 10:1 a.m.•6 views

CVE-2019-8290

Vulnerability in Online Store v1.0, The registration form requirements for the member email format can be bypassed by posting directly to sentregister.php allowing special characters to be included and an XSS payload to be injected...

6.1CVSS6.1AI score0.00301EPSS

Exploits1References1

SUSE CVE•added 2023/10/27 12:58 a.m.•1 views

SUSE CVE-2022-4886

Ingress-nginx path sanitization can be bypassed with logformat directive...

8.8CVSS7AI score0.00166EPSS

Exploits0References4

Hacker One•added 2020/09/25 3:39 a.m.•85 views

CS Money: Bypass Filter on link of build

Summary: Hello team, I found that a valid build will have a link with the following format https://3d.cs.money/item/0UkWN8vh2R If you save a build with /api/build/save. It will return a link to sync with your save builds The bug occurs when web app sync, you can custom the link of build with...

7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by