11 matches found
CVE-2019-25450
Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demandreasonid, and availabilityid in...
CVE-2018-10522
In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents function...
EUVD-2018-2594
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-21626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive informatio...
CVE-2023-24202
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php...
CVE-2021-24917
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user...
CVE-2021-43675
Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user...
Synology Photo Station Security Bypass Vulnerability
Synology Photo Station is a Synology solution for sharing pictures, videos and blogs over the Internet. A security bypass vulnerability exists in Synology Photo Station versions prior to 6.3-2958. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by sending an...
[20090102] - Core - plg_xstandard Directory Traversal
A crafted request can cause disclosure of the directory structure on the server including any directory that php has access to...
ZeroBoard - Worm Source Code
The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code...
twlc advisory: plesk (psa) allows reading of .php files
twlc security division 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server administrator used by LOTS of web hosting companies to make easy the management of the server. It's a really cool software!! I work with it. This bug allows you to read the...