CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/09 12:32 p.m.•3 views

CVE-2023-31502

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution RCE vulnerability via the component /models/managementmodel.php...

7.2CVSS8.4AI score0.00936EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-35807

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00936EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:2 a.m.•1 views

CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

9.8CVSS7.7AI score0.93791EPSS

Exploits5References1

OSV•added 2025/03/20 10:15 a.m.•2 views

CVE-2024-10273

In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to...

6.5CVSS7AI score

Exploits0References2

NVD•added 2023/05/11 10:15 p.m.•9 views

CVE-2023-31502

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution RCE vulnerability via the component /models/managementmodel.php...

7.2CVSS7.5AI score0.00936EPSS

Exploits1References1

OSV•added 2023/05/11 10:15 p.m.•0 views

CVE-2023-31502

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution RCE vulnerability via the component /models/managementmodel.php...

7.2CVSS7.6AI score

Exploits0References1

CNNVD•added 2023/05/11 12:0 a.m.•1 views

Altenergy Power System Control Software 数据伪造问题漏洞

Altenergy Power System Control Software is microinverter control software from Altenergy Power System. A security vulnerability exists in Altenergy Power System Control Software version C1.2.5, which was discovered to contain a Remote Code Execution RCE vulnerability via component...

7.2CVSS7.2AI score0.00936EPSS

Exploits1References2

NVD•added 2023/04/04 3:15 p.m.•11 views

CVE-2020-23327

Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in title parameter of the module management model...

6.1CVSS6.3AI score0.00341EPSS

Exploits1References1

OSV•added 2023/04/04 3:15 p.m.•0 views

CVE-2020-23327

Cross Site Scripting vulnerability found in ZblogCN ZblogPHP v.1.0 allows a local attacker to execute arbitrary code via a crafted payload in title parameter of the module management model...

6.1CVSS6AI score0.00341EPSS

Exploits1References1

Positive Technologies•added 2023/04/04 12:0 a.m.•2 views

PT-2023-11646 · Z Blogphp · Z-Blogphp

Name of the Vulnerable Software and Affected Versions: ZblogPHP version 1.0 Description: A Cross Site Scripting issue allows a local attacker to execute arbitrary code via a crafted payload in the title parameter of the module management model. Recommendations: For ZblogPHP version 1.0, avoid usi...

6.1CVSS6.2AI score0.00341EPSS

Exploits1References4

CNNVD•added 2023/04/04 12:0 a.m.•2 views

Z-BlogPHP 跨站脚本漏洞

Z-BlogPHP is an open source PHP-based blogging system for the Z-blog community. A security vulnerability exists in Z-BlogPHP version v.1.0. A local attacker exploited the vulnerability to execute arbitrary code via a specially crafted payload in the title parameter of the module management model...

6.1CVSS6.8AI score0.00341EPSS

Exploits1References2

Prion•added 2023/03/14 8:15 p.m.•15 views

Command injection

7.5CVSS9.8AI score0.93791EPSS

Exploits5References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by