CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

44 matches found

NVD•added 2026/04/22 3:16 a.m.•1 views

CVE-2026-41457

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...

6.9CVSS0.00052EPSS

Exploits0References2

EUVD•added 2026/04/17 6:31 a.m.•3 views

EUVD-2026-23352

The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the 'ipsearch', 'startdate', 'enddate', 'usernamesearch', and 'useremailsearch' parameters in all versions up to, and including, 1.15.40. This is due to the WDWFMLibrary::validatedata method calling stripslashes on us...

4.9CVSS5.9AI score0.00019EPSS

Exploits0References9

EUVD•added 2026/03/21 6:30 a.m.•3 views

EUVD-2026-14150

The Task Manager plugin for WordPress is vulnerable to arbitrary shortcode execution via the 'search' AJAX action in all versions up to, and including, 3.0.2. This is due to missing capability checks in the callbacksearch function and insufficient input validation that allows shortcode syntax...

6.5CVSS6.1AI score0.00057EPSS

Exploits0References8

VulnCheck KEV•added 2026/02/25 12:0 a.m.•57 views

VulnCheck KEV: CVE-2024-3495

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

9.8CVSS5.9AI score0.93237EPSS

In wildExploits1References2

Cvelist•added 2026/01/12 12:0 a.m.•17 views

CVE-2025-51567

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request...

0.0007EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-1551

Malware in sbrugna...

4.3CVSS6.4AI score0.00285EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-2688

Malware in sbrugna...

6.8CVSS6.4AI score0.00726EPSS

Exploits1References6