CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

EUVD•added 2026/03/28 12:30 p.m.•1 views

EUVD-2016-10843

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the...

8.6CVSS6.4AI score0.00006EPSS

Exploits1References4

CVE•added 2026/03/28 11:58 a.m.•4 views

CVE-2016-20044

CVE-2016-20044 concerns PInfo 0.6.9-5.1, where a local buffer overflow via the -m parameter allows a local attacker to execute arbitrary code. The advisory describes crafting input with 564 bytes of padding followed by a return address to overwrite the instruction pointer and run shellcode with t...

8.6CVSS6.4AI score0.00006EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/03/28 11:58 a.m.•1 views

CVE-2016-20044 PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter

8.6CVSS6.4AI score0.00006EPSS

Exploits1References3

Cvelist•added 2026/03/28 11:58 a.m.•28 views

CVE-2016-20044 PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter

8.6CVSS0.00006EPSS

Exploits1References3

NVD•added 2026/02/03 10:16 p.m.•2 views

CVE-2020-37081

Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...

7.1CVSS0.00035EPSS

Exploits0References4

RedhatCVE•added 2025/12/10 5:17 p.m.•1 views

CVE-2025-63737

Cross-site scripting XSS vulnerability in function urltestAction in file cliAction.php in Xinhu Rainrock RockOA 2.7.0 allows remote attackers to inject arbitrary web script or HTML via the m parameter to the task.php endpoint...

6.1CVSS6AI score0.00043EPSS

Exploits1References1

EUVD•added 2025/12/09 6:30 p.m.•1 views

EUVD-2025-202294

5.5AI score0.00043EPSS

Exploits1References2

NVD•added 2025/12/09 5:15 p.m.•6 views

CVE-2025-63737

6.1CVSS0.00043EPSS

Exploits1References1

CVE•added 2025/12/09 12:0 a.m.•6 views

CVE-2025-63737

Xinhu Rainrock RockOA 2.7.0 is affected by a Cross-site Scripting (XSS) vulnerability in the urltestAction function of cliAction.php. The issue allows remote attackers to inject arbitrary web scripts or HTML via the m parameter to the /task.php endpoint. The attack surface is the RockOA 2.7.0 dep...

6.1CVSS5.6AI score0.00043EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/12/09 12:0 a.m.•18 views

CVE-2025-63737

0.00043EPSS

Exploits1References1

Positive Technologies•added 2025/12/09 12:0 a.m.•1 views

PT-2025-50096

Name of the Vulnerable Software and Affected Versions Xinhu Rainrock RockOA version 2.7.0 Description A cross-site scripting XSS issue exists in the urltestAction function within the cliAction.php file. This allows attackers to inject arbitrary web scripts or HTML code through the m parameter of...

6.1CVSS5.7AI score0.00043EPSS

Exploits1References3

NVD•added 2025/11/18 10:15 p.m.•4 views

CVE-2025-63229

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting XSS vulnerability in the /main0.php endpoint. By injecting a malicious JavaScript payload into the ?m= query parameter, an attacker can execute arbitrary code in the victim's...

5.4CVSS0.00041EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-1539

Malware in sbrugna...

4.3CVSS6.4AI score0.00353EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-32131