CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

137 matches found

Packet Storm•added 2026/02/10 12:0 a.m.•100 views

📄 openSIS Classic 9.2 Path Traversal

openSIS Classic version 9.2 suffers from a path traversal vulnerability that allows for local file inclusion. ============================================================================================================================================= | Title : openSIS Classic v 9.2 Path Traversa...

5.5AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2001-1501

Malware in sbrugna...

4.3CVSS6.4AI score0.00106EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-3586

Malware in sbrugna...

6.8CVSS6.2AI score0.00335EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-5550

Malware in sbrugna...

5CVSS6.4AI score0.00448EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-6688

Malware in sbrugna...

7.5CVSS6.4AI score0.0036EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-4236

Malware in sbrugna...

7.5CVSS6.4AI score0.00678EPSS

Exploits0References5

RedhatCVE•added 2025/05/23 7:46 a.m.•6 views

CVE-2024-25298

An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php...

7.2CVSS7.5AI score0.00267EPSS

Exploits1References1

CVE•added 2024/10/15 12:0 a.m.•53 views

CVE-2024-35584

The OpenSIS Open Source Community Edition (versions 8.0–9.1, possibly earlier) contains a SQL injection flaw in Ajax.php, ForWindow.php, ForExport.php, Modules.php, and functions/HackingLogFnc.php. The root cause is direct concatenation of the HTTP_X_FORWARDED_FOR header value into SQL INSERT sta...

8.8CVSS8AI score0.85174EPSS

Exploits2References3Affected Software1

Packet Storm•added 2024/10/08 12:0 a.m.•312 views

PHP-Nuke Top Module SQL Injection

Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...

7.4AI score

Exploits0

Veracode•added 2024/02/19 8:26 a.m.•15 views

Remote Code Execution (RCE)

redaxo/source is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of user-supplied input within the 'Template' functionality with in modules.modules.php, which allows attackers to execute arbitrary code...

7.2CVSS8.1AI score0.00267EPSS

Exploits1References2Affected Software1

OSV•added 2021/09/29 12:15 p.m.•11 views

CVE-2021-40651

OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php modname parameter, which can disclose arbitrary file from the server's filesystem as long as the application has access to the file...

6.5CVSS6.6AI score

Exploits0References3

NVD•added 2021/09/29 12:15 p.m.•11 views

CVE-2021-40651

6.5CVSS0.76459EPSS

Exploits2References3

Prion•added 2021/09/29 12:15 p.m.•15 views

Design/Logic Flaw

4CVSS6.4AI score0.76459EPSS

Exploits2References3Affected Software1

CVE•added 2021/09/29 11:59 a.m.•71 views

CVE-2021-40651

CVE-2021-40651 affects OS4Ed OpenSIS Community 8.0. It is a local file inclusion in Modules.php (modname parameter) that can disclose arbitrary server files when the application has access to them, typically involving an authenticated user (e.g., login as Parent) to access the vulnerable page. Co...

6.5CVSS6.3AI score0.76459EPSS

Exploits2References3Affected Software1

Cvelist•added 2021/09/29 11:59 a.m.•17 views

CVE-2021-40651

6.5AI score0.76459EPSS

Exploits2References3

CNNVD•added 2021/09/29 12:0 a.m.•1 views

OS4Ed OpenSIS 路径遍历漏洞

OS4Ed OpenSIS is OS4Ed's commercial grade, secure, scalable and intuitive student information system, school management software. With all the features to run single or multiple organizations in one installation. Web-based, php code, MySQL database. A path traversal vulnerability exists in OS4Ed...

6.5CVSS6.5AI score0.76459EPSS

Exploits2References3

Packet Storm•added 2021/09/03 12:0 a.m.•162 views

OpenSIS 8.0 Directory Traversal

Exploit Title: OpenSIS 8.0 'modname' - Directory/Path Traversal Date: 09-02-2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux The 'modname' parameter in the 'Modules.php' is vulnerable to loc...

7.4AI score

Exploits0

OSV•added 2021/05/06 6:54 p.m.•16 views

GHSA-4CX9-7XQC-2JXM Reflected cross-site scripting in francoisjacquet/rosariosis

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request...

6.1CVSS6.1AI score0.00664EPSS

Exploits1References4

Github Security Blog•added 2021/05/06 6:54 p.m.•58 views

Reflected cross-site scripting in francoisjacquet/rosariosis

6.1CVSS5.6AI score0.00664EPSS

Exploits1References5Affected Software1

CNVD•added 2020/09/02 12:0 a.m.•2 views

OS4Ed openSIS Remote Code Execution Vulnerability

Open Solutions for Education openSIS is a U.S. Open Solutions for Education, Inc. open source student information management system . A remote code execution vulnerability exists in 'Modules.php' in OS4Ed openSIS 7.3, which stems from improper design or implementation during code development for ...

9.9CVSS8.4AI score0.32266EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by