CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

CVE-2026-55740

CVE-2026-55740 affects Nur-Alam39 bus-ticket. The vulnerability is an unauthenticated SQL injection in bus_info.php where the busid parameter from an HTTP POST is concatenated directly into the query: select * from bus_info where id=$busid. This occurs in a numeric context and is not sanitized, e...

9.8CVSS5.9AI score0.00366EPSS

Exploits0References2

Cvelist•added 6 days ago•25 views

CVE-2026-55740 SQL Injection in Nur-Alam39 bus-ticket bus_info.php via busid parameter

Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...

9.8CVSS0.00366EPSS

Exploits0References2

GithubExploit•added 2026/05/01 4:44 a.m.•98 views

Metasploitable2-VAPT

Internal Host VAPT Assessment | Kali Linux + Metasploitable2...

6.5AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2009-0620

Malware in sbrugna...

10CVSS6.2AI score0.02146EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-5595

Malware in sbrugna...

7.8CVSS7.7AI score0.00405EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2007-2547

Malware in sbrugna...

7.8CVSS9.2AI score0.01418EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2006-0154

Malware in sbrugna...

7.5CVSS6AI score0.12941EPSS

Exploits1References45

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-3122

Malicious code in bioql PyPI...

7CVSS6.9AI score0.00284EPSS

Exploits0References6

CVE•added 2025/10/02 4:13 p.m.•11 views

CVE-2025-34210

The CVE concerns Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SAAS deployments). The connected sources confirm that sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) are stored in cleartext files that are ...

9.4CVSS6.1AI score0.00142EPSS

Exploits1References4Affected Software2

RedhatCVE•added 2025/09/21 7:25 p.m.•12 views

CVE-2025-34205

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 VA and SaaS deployments contains dangerous PHP dead code present in multiple Docker-hosted PHP instances. A script named /var/www/app/resetroot.php found in several containers...

9.8CVSS8.9AI score0.01322EPSS

Exploits1References1

OSV•added 2025/09/19 7:15 p.m.•3 views

CVE-2025-34205

9.8CVSS6.5AI score0.01322EPSS

Exploits1References4

NVD•added 2025/09/19 7:15 p.m.•6 views

CVE-2025-34205

9.8CVSS0.01322EPSS

Exploits1References4

Cvelist•added 2025/09/19 6:50 p.m.•8 views

CVE-2025-34205 Vasion Print (formerly PrinterLogic) Dangerous PHP Dead Code Enables RCE

9.3CVSS0.01322EPSS

Exploits1References4

CVE•added 2025/09/19 6:50 p.m.•21 views

CVE-2025-34205

Vusion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.843 and Application prior to 20.0.1923 contain dangerous PHP dead code. The file /var/www/app/resetroot.php lacks authentication, enabling an attacker to reset the MySQL root password and gain full database control; separat...

9.8CVSS8.6AI score0.01322EPSS

Exploits1References4Affected Software2

RedhatCVE•added 2025/05/22 8:14 a.m.•5 views

CVE-2019-14389

cPanel before 82.0.2 allows local users to discover the MySQL root password SEC-510...

7.8CVSS6.8AI score0.00405EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 7:36 p.m.•11 views

CVE-2009-0617

Cisco Application Networking Manager ANM before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files...

10CVSS7.9AI score0.02146EPSS

Exploits1References1

OSV•added 2024/02/19 12:15 p.m.•2 views

CVE-2024-1345

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password...

5.5CVSS5.8AI score0.00151EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 6:16 a.m.•3 views

SUSE CVE-2006-0146

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PHPOpenChat, 7 MAXdev MD-Pro, and 8 MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via...

7.5CVSS8.7AI score0.12941EPSS

Exploits1References3

The Hacker News•added 2022/07/06 9:51 p.m.•92 views

Cisco and Fortinet Release Security Patches for Multiple Products

Cisco on Wednesday rolled out patches for 10 security flaws spanning multiple products, one of which is rated Critical in severity and could be weaponized to conduct absolute path traversal attacks. The issues, tracked as CVE-2022-20812 and CVE-2022-20813, affect Cisco Expressway Series and Cisco...

1.8AI score0.01741EPSS

Exploits0

CNNVD•added 2022/07/05 12:0 a.m.•4 views

Fortinet FortiNAC 安全漏洞

Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fita Fortinet. The product is primarily used for network access control and IoT security. A security vulnerability exists in Fortinet FortiNAC, which originates from a root account that accesses the MySQL databas...

8.8CVSS8.2AI score0.00876EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by