Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

94 matches found

OSV
OSVβ€’added 2026/03/06 1:16 p.m.β€’2 views

CVE-2018-25199

OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id...

9.8CVSS6.2AI score
Exploits0References2
NVD
NVDβ€’added 2026/03/06 1:16 p.m.β€’4 views

CVE-2018-25199

OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id...

9.8CVSS0.00237EPSS
Exploits1References2
Vulnrichment
Vulnrichmentβ€’added 2026/03/06 12:19 p.m.β€’2 views

CVE-2018-25199 OOP CMS BLOG 1.0 SQL Injection via search parameter

OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id...

8.8CVSS6.1AI score0.00237EPSS
Exploits1References2
CVE
CVEβ€’added 2026/03/06 12:19 p.m.β€’10 views

CVE-2018-25199

CVE-2018-25199 affects OOP CMS BLOG 1.0, with concrete SQL injection flaws in multiple entry points. An unauthenticated attacker can inject SQL via the parameters: search (search.php), pageid (page.php), and id (posts.php) to retrieve database information, including table names, schema names, and...

9.8CVSS6.1AI score0.00237EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKBβ€’added 2026/03/06 12:19 p.m.β€’2 views

CVE-2018-25199

OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id...

8.8CVSS6.1AI score0.00237EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistβ€’added 2026/03/06 12:19 p.m.β€’25 views

CVE-2018-25199 OOP CMS BLOG 1.0 SQL Injection via search parameter

OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through multiple parameters. Attackers can inject SQL commands via the search parameter in search.php, pageid parameter in page.php, and id...

8.8CVSS0.00237EPSS
Exploits1References2
Packet Storm
Packet Stormβ€’added 2025/12/17 12:0 a.m.β€’135 views

πŸ“„ HighPortal 12.x SQL Injection

HighPortal version 12.x remote SQL injection proof of concept exploit. ============================================================================================================================================= | Title : HighPortal v12.x SQL Injection Exploit | | Author : indoushka | | Tested o...

8.2AI score
Exploits0
Packet Storm
Packet Stormβ€’added 2025/12/16 12:0 a.m.β€’138 views

πŸ“„ HighCMS 12.x SQL Injection

HighCMS version 12.x remote SQL injection proof of concept exploit written in Python. ============================================================================================================================================= | Title : HighCMS v12.x SQL Injection Exploit | | Author : indoushka ...

8.2AI score
Exploits0
EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’1 views

EUVD-2006-4974

Malware in sbrugna...

4.3CVSS6.4AI score0.02596EPSS
Exploits1References5
EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’3 views

EUVD-2007-3412

Malware in sbrugna...

7.5CVSS6.4AI score0.02475EPSS
Exploits0References9
EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’3 views

EUVD-2010-4668

Malware in sbrugna...

7.5CVSS6.4AI score0.00387EPSS
Exploits1References4
EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’3 views

EUVD-2008-5468

Malware in sbrugna...

7.5CVSS6.4AI score0.00414EPSS
Exploits1References5
EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’2 views

EUVD-2008-5313

Malware in sbrugna...

7.5CVSS6.4AI score0.0105EPSS
Exploits2References8
EUVD
EUVDβ€’added 2025/10/07 12:30 a.m.β€’2 views

EUVD-2006-6140

Malware in sbrugna...

7.5CVSS6.4AI score0.03419EPSS
Exploits1References11
RedhatCVE
RedhatCVEβ€’added 2025/05/23 9:24 a.m.β€’2 views

CVE-2024-33328

A cross-site scripting XSS vulnerability in the component main.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the pageId parameter...

6.1CVSS5.8AI score0.00558EPSS
Exploits1References1
RedhatCVE
RedhatCVEβ€’added 2025/05/23 8:35 a.m.β€’4 views

CVE-2024-25530

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/getfindcondiction.aspx...

9.8CVSS8.4AI score0.00132EPSS
Exploits1References1
RedhatCVE
RedhatCVEβ€’added 2025/05/23 8:35 a.m.β€’3 views

CVE-2024-25531

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/SearchCondiction.aspx...

9.8CVSS8.4AI score0.00132EPSS
Exploits1References1
RedhatCVE
RedhatCVEβ€’added 2025/05/23 2:30 a.m.β€’3 views

CVE-2023-3677

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

8.8CVSS5.9AI score0.0056EPSS
Exploits0References1
RedhatCVE
RedhatCVEβ€’added 2025/05/22 1:15 a.m.β€’5 views

CVE-2010-4703

SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

7.5CVSS8.5AI score0.00387EPSS
Exploits1References1
NVD
NVDβ€’added 2024/06/26 7:15 p.m.β€’12 views

CVE-2024-33328

A cross-site scripting XSS vulnerability in the component main.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the pageId parameter...

6.1CVSS0.00558EPSS
Exploits1References2
Rows per page
Query Builder