28 matches found

EUVD
added 2026/04/12 3:30 p.m., 3 views

EUVD-2019-20145

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash...

6.9 CVSS, 6 AI score, 0.0001 EPSS
Exploits 1, References 3

NVD
added 2026/04/12 1:16 p.m., 0 views

CVE-2019-25711

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash...

6.9 CVSS, 0.0001 EPSS
Exploits 1, References 2

ATTACKERKB
added 2026/04/12 12:28 p.m., 2 views

CVE-2019-25711

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash...

6.9 CVSS, 6 AI score, 0.0001 EPSS
Exploits 1, References 2, Affected Software 1

CVE
added 2026/04/12 12:28 p.m., 5 views

CVE-2019-25711

CVE-2019-25711 affects SpotFTP Password Recover 2.4.2. The vulnerability is a local, denial-of-service condition caused by accepting an oversized input in the Name field during registration, with a crafted 256-byte payload that crashes the application on submission. Public references (e.g., Explo...

6.9 CVSS, 6 AI score, 0.0001 EPSS
Exploits 1, References 2, Affected Software 1

Vulnrichment
added 2026/04/12 12:28 p.m., 0 views

CVE-2019-25711 SpotFTP Password Recover 2.4.2 Denial of Service via Name Field

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash...

6.9 CVSS, 6 AI score, 0.0001 EPSS
Exploits 1, References 2

Cvelist
added 2026/04/12 12:28 p.m., 21 views

CVE-2019-25711 SpotFTP Password Recover 2.4.2 Denial of Service via Name Field

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash...

6.9 CVSS, 0.0001 EPSS
Exploits 1, References 2

Positive Technologies
added 2026/04/12 12:00 a.m., 0 views

PT-2026-32173

SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash...

6.9 CVSS, 6 AI score, 0.0001 EPSS
Exploits 1, References 3

CNNVD
added 2026/04/12 12:00 a.m., 1 views

Nsasoft SpotFTP Password Recover Security Vulnerability

Nsasoft SpotFTP Password Recover is a tool developed by the NSASoft company in the United States, designed to recover saved account passwords from FTP clients. Version 2.4.2 of Nsasoft SpotFTP Password Recover contains a security vulnerability. This vulnerability stems from insufficient input...

6.9 CVSS, 5.8 AI score, 0.0001 EPSS
Exploits 1, References 2

RedhatCVE
added 2026/02/08 1:21 a.m., 2 views

CVE-2020-37122

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5 CVSS, 5.8 AI score, 0.00013 EPSS
Exploits 0, References 1

NVD
added 2026/02/07 12:15 a.m., 2 views

CVE-2020-37122

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5 CVSS, 0.00013 EPSS
Exploits 0, References 4

Cvelist
added 2026/02/06 11:14 p.m., 27 views

CVE-2020-37122 SpotFTP-FTP Password Recover 2.4.8 - Denial of Service

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5 CVSS, 0.00013 EPSS
Exploits 0, References 4

Vulnrichment
added 2026/02/06 11:14 p.m., 1 views

CVE-2020-37122 SpotFTP-FTP Password Recover 2.4.8 - Denial of Service

SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a text file with 1000 'Z' characters and input it as a registration code to trigger the application crash...

7.5 CVSS, 6 AI score, 0.00013 EPSS
Exploits 0, References 4

CVE
added 2026/02/06 11:14 p.m., 7 views

CVE-2020-37122

Summary: CVE-2020-37122 affects SpotFTP-FTP Password Recover 2.4.8 and is described as a denial-of-service vulnerability triggered by a crafted registration code. According to the documents, an attacker can crash the application by providing a text file containing 1000 'Z' characters as the regis...

7.5 CVSS, 5.9 AI score, 0.00013 EPSS
Exploits 0, References 4

Positive Technologies
added 2026/02/06 12:00 a.m., 1 views

PT-2026-6817

Name of the Vulnerable Software and Affected Versions: SpotFTP-FTP Password Recover version 2.4.8. Description: The software contains a denial of service issue that allows attackers to crash the application. This is achieved by triggering a large buffer overflow. An attacker can create a text file...

7.5 CVSS, 5.9 AI score, 0.00013 EPSS
Exploits 0, References 6

CNNVD
added 2025/11/17 12:00 a.m., 1 views

Kashipara Online Furniture Shopping Ecommerce Website Security Vulnerability

Kashipara Online Furniture Shopping Ecommerce Website is a fast online shopping ecommerce website from Kashipara. A security vulnerability exists in Kashipara Online Furniture Shopping Ecommerce Website version 1.0, which stems from an unvalidated recoveremail parameter in userpasswordrecover.php...

6.5 CVSS, 7.7 AI score, 0.00037 EPSS
Exploits 1, References 3

EUVD
added 2025/11/17 12:00 a.m., 1 views

EUVD-2024-55092

Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recoveremail parameter in userpasswordrecover.php...

6.5 CVSS, 7.5 AI score, 0.00037 EPSS
Exploits 1, References 3

OSV
added 2025/08/29 5:15 p.m., 0 views

CVE-2025-9660

A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The explo...

9.8 CVSS, 5.7 AI score
Exploits 0, References 5

Cvelist
added 2025/08/29 4:32 p.m., 8 views

CVE-2025-9660 SourceCodester Bakeshop Online Ordering System passwordrecover.php sql injection

A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument phonenumber results in sql injection. The attack is possible to be carried out remotely. The explo...

7.5 CVSS, 0.00066 EPSS
Exploits 1, References 5

OSV
added 2022/07/26 1:15 p.m., 2 views

CVE-2022-34989

Fruits Bazar v1.0 was discovered to contain a SQL injection vulnerability via the recoveremail parameter at userpasswordrecover.php...

9.8 CVSS, 5.8 AI score
Exploits 0, References 1

CNNVD
added 2022/07/26 12:00 a.m., 2 views

Fruits Bazar SQL Injection Vulnerability

Fruits Bazar is an e-commerce project using PHP, JavaScript, jQuery and MySQL by Md. Saiful Islam, an individual developer from Bangladesh. A SQL injection vulnerability exists in Fruits Bazar v1.0, which stems from a security issue with the recoveremail parameter in userpasswordrecover.php, whic...

9.8 CVSS, 8.4 AI score, 0.00264 EPSS
Exploits 1, References 2