CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2023/04/02 9:31 a.m.•16 views

CVE-2023-1798 EyouCMS login.php cross site scripting

A vulnerability, which was classified as problematic, has been found in EyouCMS up to 1.5.4. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument typename leads to cross site scripting. The attack may be launched remotely. The exploit has be...

4CVSS5.4AI score0.00341EPSS

CVE•added 2023/04/02 9:31 a.m.•45 views

CVE-2023-1798

CVE-2023-1798 affects EyouCMS versions up to 1.5.4. The vulnerability resides in login.php where manipulating the typename argument enables cross-site scripting. It can be triggered remotely and an exploit has been publicly disclosed. Affected product: EyouCMS; vulnerable function/file: login.php...

5.4CVSS4.3AI score0.00341EPSS

Positive Technologies•added 2023/04/02 12:0 a.m.•2 views

PT-2023-17255 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: EyouCMS versions up to 1.5.4 Description: A problematic issue has been found in the file login.php, where the manipulation of the typename argument leads to cross site scripting. The attack can be launched remotely. Recommendations: For...

5.4CVSS6.4AI score0.00341EPSS

Exploits1References7

Prion•added 2023/03/30 8:15 p.m.•13 views

Sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS9.7AI score0.00238EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/03/30 8:0 p.m.•7 views

CVE-2023-1737 SourceCodester Young Entrepreneur E-Negosyo System login.php sql injection

7.5CVSS9.8AI score0.00238EPSS

Cvelist•added 2023/03/30 8:0 p.m.•13 views

CVE-2023-1737 SourceCodester Young Entrepreneur E-Negosyo System login.php sql injection

7.5CVSS10AI score0.00238EPSS

NVD•added 2023/03/25 6:15 p.m.•9 views

CVE-2016-15030

A vulnerability classified as problematic has been found in Arno0x TwoFactorAuth. This affects an unknown part of the file login/login.php. The manipulation of the argument from leads to open redirect. It is possible to initiate the attack remotely. This product does not use versioning. This is w...

6.1CVSS4.7AI score0.00183EPSS

Exploits0References4

Prion•added 2023/03/25 6:15 p.m.•11 views

Open redirect

5.8CVSS7AI score0.00183EPSS

Exploits0References4Affected Software1

Cvelist•added 2023/03/25 5:31 p.m.•15 views

CVE-2016-15030 Arno0x TwoFactorAuth login.php redirect

4CVSS6.3AI score0.00183EPSS

Exploits0References4

NVD•added 2023/03/20 10:15 a.m.•14 views

CVE-2023-1506

A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack...

8.1CVSS6.7AI score0.00199EPSS

Prion•added 2023/03/20 10:15 a.m.•21 views

Sql injection

5.1CVSS9.7AI score0.00199EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/03/20 9:31 a.m.•18 views

CVE-2023-1506 SourceCodester E-Commerce System login.php sql injection

5.6CVSS8.6AI score0.00199EPSS

OSV•added 2023/03/18 9:15 a.m.•2 views

CVE-2023-1480

A vulnerability classified as critical was found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Parameter Handler. The manipulation of the argument un leads to sql injection...

9.8CVSS5.7AI score

Exploits0References3

Prion•added 2023/03/18 9:15 a.m.•11 views

Sql injection

6.5CVSS9.7AI score0.00297EPSS

Cvelist•added 2023/03/18 9:0 a.m.•10 views

CVE-2023-1480 SourceCodester Monitoring of Students Cyber Accounts System POST Parameter login.php sql injection

6.5CVSS10AI score0.00297EPSS

CVE•added 2023/03/18 9:0 a.m.•46 views

CVE-2023-1480

CVE-2023-1480 affects SourceCodester Monitoring of Students Cyber Accounts System v1.0, specifically the login.php file in the POST Parameter Handler. The vulnerability arises from manipulation of the un parameter, which leads to SQL injection. This issue can be exploited remotely; public exploit...

9.8CVSS8.4AI score0.00297EPSS

NVD•added 2023/03/13 9:15 a.m.•10 views

CVE-2023-1368

A vulnerability was found in XHCMS 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php of the component POST Parameter Handler. The manipulation of the argument user leads to sql injection. The attack can be initiated remotely. The exploit has been...

9.8CVSS8.2AI score0.00305EPSS

Cvelist•added 2023/03/13 8:31 a.m.•15 views

CVE-2023-1368 XHCMS POST Parameter login.php sql injection

7.5CVSS10AI score0.00305EPSS

CVE•added 2023/03/13 8:31 a.m.•56 views

CVE-2023-1368

CVE-2023-1368 concerns XHCMS 1.0, specifically the POST Parameter Handler’s login.php. The vulnerability arises from unknown code in login.php where manipulating the POST parameter user enables SQL injection. Exploitation can be performed remotely, and multiple sources describe the issue as criti...

9.8CVSS8.9AI score0.00305EPSS