9 matches found
CVE-2025-41335 Missing Authorization vulnerability in CanalDenuncia.app
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id' and 'idsociedad' in '/api/buscarEmpresaById.php'...
CVE-2025-41335
CVE-2025-41335 concerns CanalDenuncia.app and is tied to an information-disclosure vulnerability caused by missing authorization checks for parameters id and id_sociedad in the endpoint /api/buscarEmpresaById.php. Multiple connected sources (CNVD-2025-30334, RH-CVE-2025-41335, NVD/CVELIST/CNNVD e...
EUVD-2006-3381
Malware in sbrugna...
CVE-2023-41521
CVE-2023-41521 affects Student Attendance Management System v1, which contains multiple SQL injection flaws in createSessionTerm.php reachable via the id, termId, and sessionName parameters. The reported impact is severe (CVSS v3.1 base score 8.8, high confidentiality, integrity, and availability...
itsourcecode Tailoring Management System Injection Vulnerability
itsourcecode Tailoring Management System is an open-source tailoring management system from itsourcecode. An injection vulnerability exists in version 1.0 of itsourcecode Tailoring Management System, which stems from the parameter id/amount/desc/inccat in the file /addpayment.php that can lead to...
Codezips Pet Shop Management System Security Vulnerability
Codezips Pet Shop Management System is an open source pet store management system from Codezips. A security vulnerability exists in Codezips Pet Shop Management System version 1.0, which is caused by a SQL injection in the parameter id or name...
Medicine Tracker System SQL Injection Vulnerability
Medicine Tracker System is a medicine tracking system by Carlo Montero Personal Developer. A SQL injection vulnerability exists in SourceCodester Medicine Tracking System version 1.0, which stems from some unknown processing in /classes/Master.php that leads to SQL injection via the parameters...
PT-2023-26479 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.4.0 through 9.5.41 ELTS; TYPO3 versions 10.4.0 through 10.4.38 ELTS; TYPO3 versions 11.5.0 through 11.5.29; TYPO3 versions 12.4.0 through 12.4.3. Description: In multi-site scenarios, enumerating the HTTP query parameters id and ...
Exploit for Cross-site Scripting in Phpmyadmin
phpMyAdmin Exploit Exploit Title : phpMyAdmin 5.1.1 - XSS...