CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

101 matches found

RedhatCVE•added 2026/02/19 1:28 a.m.•2 views

CVE-2025-65791

ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application passes unsanitized user input directly to the exec function. NOTE: this is disputed by the Supplier because there is no unsanitized user input to web/views/image.php...

9.8CVSS5.8AI score0.00277EPSS

Exploits2References1

Tenable Nessus•added 2026/02/19 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-65791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application passes unsanitized user input directly to the exec function. NOTE...

9.8CVSS5.8AI score0.00277EPSS

Exploits2References3

OSV•added 2026/02/18 4:22 p.m.•2 views

UBUNTU-CVE-2025-65791

9.8CVSS5.8AI score0.00277EPSS

Exploits2References3

Vulnrichment•added 2026/02/18 12:0 a.m.•1 views

CVE-2025-65791

5.8AI score0.00277EPSS

Exploits2References1

CNNVD•added 2026/02/18 12:0 a.m.•4 views

ZoneMinder 安全漏洞

ZoneMinder is an open-source video monitoring software system developed by ZoneMinder. This system supports IP, USB, and analog cameras. Version 1.36.34 of ZoneMinder contains a security vulnerability. This vulnerability stems from user input that is passed directly into the exec function in...

9.8CVSS5.8AI score0.00277EPSS

Exploits2References2

Cvelist•added 2026/02/18 12:0 a.m.•31 views

CVE-2025-65791

0.00277EPSS

Exploits2References1

GithubExploit•added 2026/02/03 5:32 a.m.•268 views

Exploit for CVE-2025-65791

CVE-2025-65791 — Command Injection in ZoneMinder Overview...

6.8AI score0.00277EPSS

Exploits2

OSV•added 2026/01/13 11:15 p.m.•2 views

CVE-2022-50939

e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality image.php where the uploadcaption parameter is n...

8.6CVSS5.9AI score0.0078EPSS

Exploits1References4

CVE•added 2026/01/13 10:52 p.m.•3 views

CVE-2022-50939

CVE-2022-50939 (e107 CMS 3.2.1) affects the Media Manager’s remote URL upload (image.php) in the admin interface. The upload_caption parameter is not properly sanitized, allowing an authenticated administrator to use directory traversal (../../../) to overwrite arbitrary files outside the intende...

8.6CVSS6.8AI score0.0078EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/01/13 12:0 a.m.•2 views

PT-2026-2415

Name of the Vulnerable Software and Affected Versions e107 CMS version 3.2.1 Description e107 CMS version 3.2.1 has a file upload issue. Authenticated administrators can overwrite server files using path traversal. The issue is located in the Media Manager’s remote URL upload functionality,...

8.6CVSS6.9AI score0.0078EPSS

Exploits1References6

CNNVD•added 2025/10/19 12:0 a.m.•2 views

e107 路径遍历漏洞

e107 is an open source, free and PHP and MySQL based Content Management System CMS from the E107 team. The system supports a variety of plug-ins and appearance themes, and can be used as a personal blog, discussion community, archive repository and so on. A path traversal vulnerability exists in...

8.1CVSS5.4AI score0.00121EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-2570

Malware in sbrugna...

5.3CVSS5.6AI score0.00286EPSS

Exploits2References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-2444

Malware in sbrugna...

4.3CVSS6.4AI score0.00234EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2005-4239

Malware in sbrugna...

7.5CVSS6.4AI score0.00726EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-32947

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00145EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-14991

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00197EPSS

Exploits1References5

Vulnrichment•added 2025/05/01 8:0 a.m.•8 views

CVE-2025-4156 PHPGurukul Boat Booking System change-image.php sql injection

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-image.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS7.8AI score0.00197EPSS

Exploits1References5

Cvelist•added 2025/05/01 8:0 a.m.•21 views

CVE-2025-4156 PHPGurukul Boat Booking System change-image.php sql injection

6.5CVSS0.00197EPSS

Exploits1References5

Positive Technologies•added 2025/01/01 12:0 a.m.•2 views

PT-2026-20460

Name of the Vulnerable Software and Affected Versions ZoneMinder version 1.36.34 Description ZoneMinder version 1.36.34 contains a command injection flaw in the 'web/views/image.php' file. The application directly passes unsanitized user input to the exec function, potentially allowing for...

9.8CVSS5.6AI score0.00277EPSS

Exploits2References13

OSV•added 2024/11/20 3:15 p.m.•0 views

CVE-2024-51208

File Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PHP script via the Image Upload Mechanism parameter...

7.2CVSS5.8AI score0.00137EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by