CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

Tenable Nessus•added 2026/03/24 12:0 a.m.•1 views

MantisBT < 2.28.1 SOAP API Authentication Bypass (GHSA-phrq-pc6r-f6gh)

The version of MantisBT installed on the remote host is prior to 2.28.1. It is, therefore, affected by a vulnerability: - An authentication bypass vulnerability exists in the SOAP API due to improper type checking on the password parameter when running on MySQL family databases. Using a crafted...

9.8CVSS6AI score0.0014EPSS

Exploits0References2

OSV•added 2026/03/23 7:10 p.m.•0 views

CVE-2026-30849 MantisBT SOAP API has an authentication bypass vulnerability on MySQL

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of an improper type checking on the password parameter. Other database backends are not...

9.3CVSS6AI score0.0014EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 10:34 a.m.•2 views

CVE-2017-18411

The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account SEC-285...

6.8CVSS6.8AI score0.00318EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-9526

Malware in sbrugna...

6.5CVSS6.6AI score0.0031EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-9527

Malware in sbrugna...

6.8CVSS6.7AI score0.00318EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-28375

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00068EPSS

Exploits3References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-30684

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00463EPSS

Exploits0References2

OSV•added 2025/08/22 7:15 p.m.•0 views

CVE-2025-50858

Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter...

6.1CVSS6AI score

Exploits0References2

Vulnrichment•added 2025/08/22 12:0 a.m.•2 views

CVE-2025-50858

6.8AI score0.00068EPSS

Exploits3References2

Packet Storm•added 2025/08/18 12:0 a.m.•87 views

📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting

Easy Hosting Control Panel version 20.04.1.b suffers from multiple reflective cross site scripting vulnerabilities. Exploit Title: Easy Hosting Control Panel EHCP 20.04.1.b - Reflected Cross-Site Scripting in the List MySQL Databases function via action parameter. Date: Aug 18, 2025 Exploit Autho...

6.1CVSS6.5AI score0.00068EPSS

Exploits4

GithubExploit•added 2024/11/12 8:50 p.m.•270 views

Exploit for CVE-2024-32640

CVE-2024-32640 MySQL Blind SQL Injection Proof of Concept Thi...

9.8CVSS8AI score0.93717EPSS

Exploits3

SUSE CVE•added 2023/02/15 3:42 a.m.•3 views

SUSE CVE-2021-29625

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo...

7.5CVSS6.2AI score0.29507EPSS

Exploits1References3

Cvelist•added 2022/07/18 12:0 a.m.•10 views

CVE-2022-26117

An empty password in configuration file vulnerability CWE-258 in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI...

8.8CVSS8.8AI score0.00463EPSS

Exploits0References2

Vulnrichment•added 2022/07/18 12:0 a.m.•10 views

CVE-2022-26117

8.8CVSS6.8AI score0.00463EPSS

Exploits0References2

CNVD•added 2021/04/16 12:0 a.m.•8 views

Wordpress XXE Vulnerability

WordPress is a blogging platform developed using the PHP language. Users can set up their own websites on servers that support PHP and MySQL databases, or use WordPress as a content management system CMS. A XXE vulnerability exists in Wordpress versions 5.6 - 5.7. The vulnerability stems from an...

7.1CVSS6.5AI score0.89975EPSS

Exploits20References1

OSV•added 2020/12/15 4:4 p.m.•36 views

ALSA-2020:5503 Moderate: mariadb-connector-c security, bug fix, and enhancement update

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases. The following packages have been upgraded to a later upstream version: mariadb-connector-c 3.1.11. BZ1898993 Security Fixes: mysql: C API unspecified vulnerability CPU Apr...

8.8CVSS7.1AI score0.00702EPSS

Exploits0References6