CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In Frappe ERPNext 15.57.5, the function getmaterialrequestsbasedonsupplier at erpnext/stock/doctype/materialrequest/materialrequest.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the txt parameter...

8.2CVSS0.00044EPSS

Exploits1References2

Positive Technologies•added 2025/08/27 12:0 a.m.•2 views

PT-2025-34850 · Cgm · Cgm Clininet

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The system function is susceptible to accepting untrusted input from a user. When the EnableJSCaching option is enabled, it becomes possible to execute...

9.4CVSS6.8AI score0.0006EPSS

Exploits0References6

Cvelist•added 2025/08/22 12:0 a.m.•5 views

CVE-2025-50858

Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter...

0.00068EPSS

Exploits3References2

Positive Technologies•added 2025/08/01 12:0 a.m.•4 views

PT-2025-31656 · Unknown · Institute-Of-Current-Students

Name of the Vulnerable Software and Affected Versions: Institute-of-Current-Students version 1.0 Description: The software is susceptible to Incorrect Access Control. The mydetailsstudent.php endpoint allows unauthorized access to student details. The myds GET parameter accepts an email address a...

9.8CVSS6.3AI score0.00679EPSS

Exploits0References4

Cvelist•added 2025/07/26 3:27 a.m.•5 views

CVE-2025-50184 DbGate allows for File Traversal via file parameter

DbGate is cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be...

7.1CVSS0.004EPSS

Exploits0References2

CNVD•added 2025/06/06 12:0 a.m.•3 views

Tenda CH22 Stack Buffer Overflow Vulnerability

The Tenda CH22 is an enterprise-grade wireless router for small to medium-sized businesses or home office environments. It supports single-band 2.4GHz wireless networks with a maximum transmission rate of up to 450Mbps. A stack buffer overflow vulnerability exists in the Tenda CH22. The...

9.8CVSS8.1AI score0.01646EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 10:17 a.m.•2 views

CVE-2024-32746

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module...

4.6CVSS5.7AI score0.00086EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by