CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

Positive Technologies•added 2026/06/03 12:0 a.m.•10 views

PT-2026-45898

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy E-Commerce System version 1.0 Description An SQL injection issue exists in the Administrative Control Panel component. The Login function within the /admin/admin class novo.php file is susceptible to remote attacks throu...

7.5CVSS7.4AI score0.00044EPSS

Exploits0References10

CNNVD•added 2026/05/07 12:0 a.m.•5 views

open-notebook 安全漏洞

Open-Notebook is a privacy-oriented multi-model AI note-taking tool developed by Luis Novo. Version 1.8.3 of Open-Notebook contains a security vulnerability. This vulnerability stems from a lack of user input validation in the file upload function, which may allow users to access the content of...

8.2CVSS5.8AI score0.00067EPSS

Exploits0References1

NVD•added 2026/04/29 5:16 p.m.•1 views

CVE-2026-7393

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS0.0005EPSS

Exploits1References5

Vulnrichment•added 2026/04/29 5:0 p.m.•0 views

CVE-2026-7393 SourceCodester Pizzafy Ecommerce System File Extension admin_class_novo.php save_menu unrestricted upload

5.8CVSS4.8AI score0.0005EPSS

Exploits1References5

Positive Technologies•added 2026/04/29 12:0 a.m.•1 views

PT-2026-35959

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save menu of the file /admin/admin class novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.0005EPSS

Exploits1References6

CNNVD•added 2026/04/29 12:0 a.m.•4 views

SourceCodester Pizzafy Ecommerce System 访问控制错误漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability related to access control. This vulnerability arises from improper handling of the img parameter in...

5.8CVSS5.7AI score0.0005EPSS

Exploits1References1

RedhatCVE•added 2026/04/27 1:22 p.m.•1 views

CVE-2026-6990

A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross site scripting. The attack can be initiated remotely. The exploit has been made...

5.1CVSS3.6AI score0.00013EPSS

Exploits0References1

EUVD•added 2026/04/25 5:30 p.m.•2 views

EUVD-2026-25666

5.1CVSS3.6AI score0.00013EPSS

Exploits0References6

ATTACKERKB•added 2026/04/25 5:30 p.m.•1 views

CVE-2026-6990

5.1CVSS3.6AI score0.00013EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/04/25 5:30 p.m.•29 views

CVE-2026-6990 projeto-siga novo cross site scripting

5.1CVSS0.00013EPSS

Exploits0References6

CNNVD•added 2026/04/25 12:0 a.m.•6 views

Siga 跨站脚本漏洞

Siga is an open-source administrative management system developed by projeto-siga, supporting document, process, identity, knowledge, and service management. Version 11.0.3.18 of Siga contains a cross-site scripting vulnerability. This vulnerability stems from an unknown function in the file...

5.1CVSS5.5AI score0.00013EPSS

Exploits0References2

RedhatCVE•added 2026/03/26 3:0 p.m.•1 views

CVE-2026-33135

WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...

9.3CVSS6AI score0.00052EPSS

Exploits1References1

NVD•added 2026/03/20 11:18 a.m.•3 views

CVE-2026-33135

9.3CVSS0.00052EPSS

Exploits1References3

EUVD•added 2026/03/20 10:38 a.m.•3 views

EUVD-2026-13680

9.3CVSS6AI score0.00052EPSS

Exploits1References3

OSV•added 2026/03/20 10:38 a.m.•2 views

CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter

9.3CVSS6.1AI score0.00052EPSS

Exploits1References5

Cvelist•added 2026/03/20 10:38 a.m.•21 views

CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter

9.3CVSS0.00052EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-50433

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00171EPSS

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•3 views

PT-2025-39356

🔵 Mangati NovoSGA, Cross-Site Scripting XSS, CVE-2025-40456 Low https://t.co/9VmFT9GHUe...

6.3AI score

Exploits0References1

OSV•added 2025/08/05 1:15 a.m.•4 views

CVE-2025-8538

A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can be launched...

4.8CVSS6.2AI score0.00193EPSS

Exploits1References5

CNNVD•added 2025/08/05 12:0 a.m.•2 views

Portábilis i-Educar 安全漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A security vulnerability exists in Portábilis i-Educar version 2.10, which stems from improper handling of the parameter name/description in the file /usuarios/tipos/novo, which could...

4.8CVSS3.8AI score0.00193EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by