CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-1181

Malware in sbrugna...

4.3CVSS6.4AI score0.00141EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-9614

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00387EPSS

Exploits0References3

RedhatCVE•added 2025/08/15 7:23 p.m.•3 views

CVE-2025-8922

A vulnerability was found in code-projects Job Diary 1.0. This affects an unknown part of the file /admin-inbox.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

9.8CVSS7.7AI score0.00075EPSS

Exploits1References1

NVD•added 2025/04/03 1:15 p.m.•4 views

CVE-2025-22928

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cpid parameter at /modules/messages/Inbox.php...

9.8CVSS0.00387EPSS

Exploits0References2

Vulnrichment•added 2025/04/03 12:0 a.m.•6 views

CVE-2025-22928

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cpid parameter at /modules/messages/Inbox.php...

7.9AI score0.00387EPSS

Exploits0References2

CVE•added 2025/04/03 12:0 a.m.•41 views

CVE-2025-22928

OS4ED openSIS v7.0–v9.1 contains a SQL injection in the Inbox module (cp_id parameter at /modules/messages/Inbox.php). Root cause: lack of input sanitization allowing crafted cp_id values to affect the underlying query. Impact is indicated as high (CVSS 3.1: CRITICAL, 9.8) with potential unauthen...

9.8CVSS8.5AI score0.00387EPSS

Exploits0References2Affected Software1

CVE•added 2021/03/31 10:31 p.m.•82 views

CVE-2021-29349

CVE-2021-29349 affects Mahara 20.10 and is due to CSRF token validation failure on a POST request. An attacker can craft a request to module/multirecipientnotification/inbox.php pieform_delete_all_notifications that results in removing all messages from a mailbox, i.e., a server-side inbox wipe. ...

6.5CVSS6.6AI score0.00386EPSS

Exploits1References1Affected Software1

Prion•added 2008/03/06 12:44 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

4.3CVSS6.1AI score0.00427EPSS

Exploits0References5Affected Software2

Prion•added 2008/03/06 12:44 a.m.•9 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08 allow remote attackers to perform certain actions as other users, as demonstrated by sending messages...

4.3CVSS7.7AI score0.00141EPSS

Exploits0References3Affected Software2

Cvelist•added 2008/03/06 12:0 a.m.•14 views

CVE-2008-1173

Cross-site scripting XSS vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

5.7AI score0.00427EPSS

Exploits0References5

CVE•added 2008/03/06 12:0 a.m.•39 views

CVE-2008-1172

CVE-2008-1172 describes a Cross-site request forgery (CSRF) vulnerability in the file account-inbox.php of TorrentTrader Classic 1.08. The issue allows remote attackers to perform certain actions as other users, demonstrated by sending messages. This vulnerability arises in the context of the aff...

4.3CVSS7.1AI score0.00141EPSS

Exploits0References3Affected Software2

Cvelist•added 2008/03/06 12:0 a.m.•10 views

CVE-2008-1172

7.1AI score0.00141EPSS

Exploits0References3

Prion•added 2007/08/20 10:17 p.m.•9 views

Sql injection

Multiple SQL injection vulnerabilities in TorrentTrader before 1.07 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to 1 account-inbox.php, 2 account-settings.php, and possibly 3 backend/functions.php...

7.5CVSS9.3AI score0.01408EPSS

Exploits0References8Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by