CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

RedhatCVE•added 2025/12/10 9:16 p.m.•3 views

CVE-2021-47702

OpenBMCS 2.4 contains a CSRF vulnerability that allows attackers to perform actions with administrative privileges by exploiting the sendFeedback.php endpoint. Attackers can submit malicious requests to trigger unintended actions, such as sending emails or modifying system settings...

5.3CVSS6.9AI score0.00159EPSS

Exploits2References1

RedhatCVE•added 2025/12/10 9:16 p.m.•4 views

CVE-2021-47701

OpenBMCS 2.4 allows an attacker to escalate privileges from a read user to an admin user by manipulating permissions and exploiting a vulnerability in the updateuserpermissions.php script. Attackers can submit a malicious HTTP POST request to PHP scripts in '/plugins/useradmin/' directory...

8.8CVSS7.1AI score0.00413EPSS

Exploits2References1

RedhatCVE•added 2025/12/10 9:16 p.m.•4 views

CVE-2021-47703

OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip'...

7.2CVSS7.1AI score0.0027EPSS

Exploits2References1

RedhatCVE•added 2025/12/10 9:16 p.m.•3 views

CVE-2021-47704

OpenBMCS 2.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting arbitrary SQL code. Attackers can send GET requests to /debug/obixtest.php with malicious 'id' values to extract database information...

8.7CVSS8AI score0.00343EPSS

Exploits2References1

RedhatCVE•added 2025/12/10 9:16 p.m.•3 views

CVE-2021-47718

OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system...

8.7CVSS6.4AI score0.0046EPSS

Exploits2References1

EUVD•added 2025/12/09 9:31 p.m.•4 views

EUVD-2021-34737

5.3CVSS6.4AI score0.00159EPSS

Exploits2References5

EUVD•added 2025/12/09 9:31 p.m.•6 views

EUVD-2021-34735

8.7CVSS7.4AI score0.00343EPSS

Exploits2References5

OSV•added 2025/12/09 9:15 p.m.•2 views

CVE-2021-47718

7.5CVSS5.8AI score0.0046EPSS

Exploits2References4

NVD•added 2025/12/09 9:15 p.m.•5 views

CVE-2021-47718

8.7CVSS0.0046EPSS

Exploits2References4

OSV•added 2025/12/09 9:15 p.m.•4 views

CVE-2021-47703

7.2CVSS5.9AI score0.0027EPSS

Exploits2References4

OSV•added 2025/12/09 9:15 p.m.•1 views

CVE-2021-47704

6.5CVSS5.9AI score0.00343EPSS

Exploits2References4

NVD•added 2025/12/09 9:15 p.m.•3 views

CVE-2021-47704

8.7CVSS0.00343EPSS

Exploits2References4

NVD•added 2025/12/09 9:15 p.m.•5 views

CVE-2021-47703

7.2CVSS0.0027EPSS

Exploits2References4

OSV•added 2025/12/09 9:15 p.m.•3 views

CVE-2021-47702

4.3CVSS5.8AI score0.00159EPSS

Exploits2References4

NVD•added 2025/12/09 9:15 p.m.•7 views

CVE-2021-47702

5.3CVSS0.00159EPSS

Exploits2References4

NVD•added 2025/12/09 9:15 p.m.•3 views

CVE-2021-47701

8.8CVSS0.00413EPSS

Exploits2References3

OSV•added 2025/12/09 9:15 p.m.•3 views

CVE-2021-47701

8.8CVSS5.8AI score

Exploits0References3

CVE•added 2025/12/09 8:40 p.m.•9 views

CVE-2021-47718

OpenBMCS 2.4 is affected by an information disclosure vulnerability manifested through directory listing. The root cause is an enabled directory listing feature that allows unauthenticated attackers to browse sensitive paths such as /debug/ and /php/ to discover configuration files, database cred...

8.7CVSS6AI score0.0046EPSS

Exploits2References4Affected Software1