CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-4870

Malware in sbrugna...

6.5CVSS6.4AI score0.00459EPSS

Exploits3References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-48225

Malicious code in bioql PyPI...

4.9CVSS5.4AI score0.00444EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 12:17 a.m.•4 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

4.9CVSS6.9AI score0.00444EPSS

Exploits1References1

OSV•added 2022/12/06 5:15 p.m.•1 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

4.9CVSS5.8AI score

Exploits0References2

NVD•added 2022/12/06 5:15 p.m.•13 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

4.9CVSS0.00444EPSS

Exploits1References2

Prion•added 2022/12/06 5:15 p.m.•16 views

Design/Logic Flaw

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

3.3CVSS5.1AI score0.00444EPSS

Exploits1References2Affected Software1

CVE•added 2022/12/06 12:0 a.m.•56 views

CVE-2022-45326

CVE-2022-45326 affects Kwoksys Kwok Information Server — vulnerable component: XML processing (XXE) leading to server-side request forgery (SSRF). Affected: versions before 2.9.5.SP31; root cause is an XML external entity vulnerability. Impact as described: remote authenticated users can trigger ...

4.9CVSS5AI score0.00444EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/12/06 12:0 a.m.•12 views

CVE-2022-45326

An XML external entity XXE injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery SSRF attacks...

5.4AI score0.00444EPSS

Exploits1References2

CNNVD•added 2022/12/06 12:0 a.m.•1 views

Kwoksys Kwok Information Server 代码问题漏洞

Kwoksys Kwok Information Server is an open source IT management system from Kwoksys. A security vulnerability exists in versions prior to Kwoksys Kwok Information Server v2.9.5.SP31. An attacker could exploit this vulnerability to perform server-side request forgery SSRF attacks...

4.9CVSS5.4AI score0.00444EPSS

Exploits1References3

NVD•added 2013/10/11 9:55 p.m.•14 views

CVE-2013-5028

SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the 1 hardwareType, 2 hardwareStatus, or 3 hardwareLocation parameter in a search command...

6.5CVSS7.9AI score0.00459EPSS

Exploits3References4

Prion•added 2013/10/11 9:55 p.m.•10 views

Sql injection

6.5CVSS8.5AI score0.00459EPSS

Exploits3References4Affected Software1

Cvelist•added 2013/10/11 9:0 p.m.•23 views

CVE-2013-5028

7.9AI score0.00459EPSS

Exploits3References4

CVE•added 2013/10/11 9:0 p.m.•36 views

CVE-2013-5028

Kwoksys Kwok Information Server vulnerable to SQL injection in IT/hardware-list.dll (versions before 2.8.5). Affected component is the search command handling (hardwareType, hardwareStatus, hardwareLocation) with remote-authenticated access leading to arbitrary SQL execution. Root cause is improp...

6.5CVSS8.2AI score0.00459EPSS

Exploits3References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by