CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

NVD•added 2026/05/06 1:16 p.m.•7 views

CVE-2026-5081

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUEID environment variable for the session id. The UNIQUEID variable is set by the Apache moduniqueid...

9.1CVSS0.00038EPSS

Exploits0References3

Cvelist•added 2026/05/06 12:16 p.m.•25 views

CVE-2026-5081 Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure

0.00038EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-14172

Malware in sbrugna...

7.2CVSS7AI score0.01028EPSS

Exploits1References2

Positive Technologies•added 2024/08/06 12:0 a.m.•2 views

PT-2024-25589 · Unknown · E-Negosyo System

Name of the Vulnerable Software and Affected Versions: E-Negosyo System version 1.0 Description: The issue allows an attacker to exploit a SQL injection vulnerability by sending a specially crafted query to the server. This could enable the retrieval of all information stored in the id variable i...

9.8CVSS7.2AI score0.00247EPSS

Exploits0References4

Cvelist•added 2023/06/20 12:0 a.m.•12 views

CVE-2020-21400

SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitrary code via the id variable in the modify function...

7.4AI score0.01028EPSS

Exploits1References1

Positive Technologies•added 2022/09/16 12:0 a.m.•2 views

PT-2022-24603 · Unknown · Garage Management System

Name of the Vulnerable Software and Affected Versions: Garage Management System version 1.0 Description: The issue allows for arbitrary code execution. This can be achieved via the "ip/garage/php action/editProductImage.php" endpoint, specifically by manipulating the id variable. Recommendations:...

7.2CVSS7.2AI score0.00991EPSS

Exploits1References4

Prion•added 2019/10/21 8:15 p.m.•14 views

Cross site scripting

An issue was discovered in FusionPBX up to 4.5.7. In the file app\conferencecontrols\conferencecontroldetails.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS...

4.3CVSS6.2AI score0.00328EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/10/21 7:30 p.m.•9 views

CVE-2019-16968

6.2AI score0.00328EPSS

Exploits0References2

NVD•added 2009/09/08 10:30 a.m.•7 views

CVE-2008-7180

delquery1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable...

5CVSS6.7AI score0.02823EPSS

Exploits0References2

Cvelist•added 2009/09/08 10:0 a.m.•13 views

CVE-2008-7180

delquery1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable...

6.7AI score0.02823EPSS

Exploits0References2

exploitpack•added 2009/02/24 12:0 a.m.•25 views

Qwerty CMS - id SQL Injection

Qwerty CMS - id SQL Injection QWERTY CMS lite - SQL INJ Found: b3 from GraBBerZ.com = Injection in index.php variable: id http://site/index.php?act=publ&id=-3+UNION+SELECT+1,2,3,4,5 = Administrator Table: rkh8t5po Columns: secret873ktlW,pass459khyf Column with pass: pass459khyf Admin CP:...

0.1AI score

Exploits0

securityvulns•added 2008/07/22 12:0 a.m.•118 views

Maran PHP Blog Xss By Khashayar Fereidani

---------------------------------------------------------------- Script : Maran PHP Blog Type : XSS Pasive Method : GET Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani a.k.a. Dr.Crash My Offical Website : HTTP://FEREIDANI.IR...

0.4AI score

Exploits0

Exploit DB•added 2008/06/14 12:0 a.m.•50 views

PHPMyCart 1.3 - 'cat' SQL Injection

PHPMyCart Injection Vulnerability Bug by: h0yt3r Script suffers from a not correctly verified category id variable which is used in SQL Querys. An Attacker can easily get sensitive information from the database by injecting unexpected SQL Querys. We dont get any SQL Errors when the Injection Quer...

7.4AI score

Exploits0

NVD•added 2004/12/31 5:0 a.m.•9 views

CVE-2004-2677

Format string vulnerability in qwik-smtpd.c in QwikMail SMTP qwik-smtpd 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the 1 clientRcptTo array, and the 2 Received and 3 messageID variables, possibly involving HELO and hostname arguments...

7.5CVSS7.8AI score0.22384EPSS

Exploits1References8

Packet Storm•added 2004/11/13 12:0 a.m.•16 views

phpbugtraq.txt

| | | | | \ | | | || | | | | | | | | |/ \ \ /\ / / | | | / | '| |/ / | | | | \ V V / | |/ / | | | | | |// // |/ ,|| ||\ http://www.howdark.com ---------------------------------------------------------------------------------------------------------------------------------- // Information...

7.4AI score

Exploits0

NVD•added 2002/12/31 5:0 a.m.•11 views

CVE-2002-1709

SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable...

6.4CVSS7.3AI score0.00288EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by