CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

137 matches found

CNNVD•added 2025/12/31 12:0 a.m.•3 views

Razgover 代码注入漏洞

Razgover is an online messaging application by Eli Nicksic Personal Developer. Razgover suffers from a code injection vulnerability that stems from incorrect manipulation of the parameter msg in the file Chattify/send.php, which could lead to a cross-site scripting attack...

5.1CVSS4.8AI score0.00019EPSS

Exploits0References3

Vulnrichment•added 2025/12/22 12:0 a.m.•1 views

CVE-2024-25814

MyNET up to v26.05 was discovered to contain a reflected cross-site scripting XSS vulnerability via the msg parameter...

5.7AI score0.00033EPSS

Exploits1References2

Cvelist•added 2025/12/22 12:0 a.m.•22 views

CVE-2024-25814

MyNET up to v26.05 was discovered to contain a reflected cross-site scripting XSS vulnerability via the msg parameter...

0.00033EPSS

Exploits1References2

RedhatCVE•added 2025/12/02 12:19 a.m.•2 views

CVE-2025-63526

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter,...

8.5CVSS5.8AI score0.00027EPSS

Exploits1References1

NVD•added 2025/12/01 3:15 p.m.•4 views

CVE-2025-63526

8.5CVSS0.00027EPSS

Exploits1References3

Cvelist•added 2025/12/01 12:0 a.m.•3 views

CVE-2025-63526

8.5CVSS0.00027EPSS

Exploits1References3

CVE•added 2025/12/01 12:0 a.m.•7 views

CVE-2025-63526

The affected product is the Blood Bank Management System (abs.php). The vulnerability is a cross-site scripting (XSS) flaw caused by improper sanitization/encoding of user input before rendering in the response. An attacker can inject malicious JavaScript into the msg parameter, which is executed...

8.5CVSS5.5AI score0.00027EPSS

Exploits1References3Affected Software1