CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

CVE-2018-25421 Open STA Manager 2.3 Arbitrary File Download via Path Traversal

Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php with op=getfile and traverse directories using ../ sequences to access sensiti...

7.1CVSS5.9AI score0.0004EPSS

Exploits0References4

OSV•added 2026/05/08 11:49 a.m.•3 views

CLSA-2026-1778240943 php: Fix of CVE-2025-1219

CVE-2025-1219: fix wrong content-type header on libxml streams redirect...

6.3CVSS5.8AI score0.00092EPSS

Exploits1References1

Tenable Nessus•added 2026/01/19 12:0 a.m.•2 views

MiracleLinux 3 : php-5.1.6-45.0.1.AXS3 (AXSA:2014-794:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-794:03 advisory. Description : PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing...

7.5CVSS5.6AI score0.55955EPSS

Exploits3References4

Tenable Nessus•added 2026/01/19 12:0 a.m.•5 views

MiracleLinux 4 : rh-php56-php-5.6.5-9.AXS4 (AXSA:2016-622:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-622:02 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in...

8.1CVSS8.5AI score0.83504EPSS

Exploits0References2

Tenable Nessus•added 2026/01/19 12:0 a.m.•6 views

MiracleLinux 4 : rh-php56-php-5.6.5-8.AXS4 (AXSA:2016-144:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-144:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers...

10CVSS9.3AI score0.35455EPSS

Exploits8References13

Tenable Nessus•added 2026/01/16 12:0 a.m.•1 views

MiracleLinux 7 : rh-php56-php-5.6.5-7.el7 (AXSA:2016-130:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-130:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers...

10CVSS8.2AI score0.69613EPSS

Exploits20References19

RedhatCVE•added 2025/11/19 10:23 a.m.•2 views

CVE-2025-41737

Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules...

7.5CVSS6.9AI score0.00045EPSS

Exploits0References1

CVE•added 2025/11/18 10:18 a.m.•11 views

CVE-2025-41734

CVE-2025-41734 affects METZ CONNECT EWIO2-M and EWIO2-BM devices. Public sources corroborate unauthenticated remote attackers can execute arbitrary PHP files and gain full control of affected devices through web/server flaws, enabling remote code execution and complete device compromise. The comm...

9.8CVSS7.4AI score0.00122EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/11/18 10:18 a.m.•5 views

CVE-2025-41734 Unauthenticated Local File Inclusion in php module

An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices...

9.8CVSS0.00122EPSS

Exploits0References1

Vulnrichment•added 2025/11/18 10:18 a.m.•3 views

CVE-2025-41734 Unauthenticated Local File Inclusion in php module

An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices...

9.8CVSS7.4AI score0.00122EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-5890

Malware in sbrugna...

7.5CVSS6.4AI score0.00584EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-5342

Malware in sbrugna...

10CVSS6.4AI score0.00792EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-7768

Malware in sbrugna...

8.1CVSS5.7AI score0.0209EPSS

Exploits1References16

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-2073

Malware in sbrugna...

6.8CVSS6.4AI score0.01029EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2005-4864

Malware in sbrugna...

7.5CVSS6.4AI score0.01244EPSS

Exploits0References3

Rockylinux•added 2025/05/07 7:13 p.m.•5 views

new module: php:8.2

An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3, php-pecl-rrd, module.php-pecl-rrd, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

6.7AI score

Exploits0

OSV•added 2025/03/21 1:17 p.m.•1 views

OESA-2025-1303 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.8CVSS6.8AI score0.0103EPSS

Exploits2References6

OSV•added 2024/08/30 11:8 a.m.•1 views

OESA-2024-2062 php security update

6.5CVSS6.8AI score0.08698EPSS

Exploits0References2

CNNVD•added 2023/01/06 12:0 a.m.•0 views

d2files SQL注入漏洞

d2files is a PHP module. A SQL injection vulnerability exists in d2files. An attacker could exploit this vulnerability to perform a sql injection attack...

9.8CVSS6.8AI score0.00353EPSS

Exploits0References5

OSV•added 2022/06/06 2:43 p.m.•1 views

CLSA-2022-1654526615 Fixed CVE-2021-21705 in php-1.module_el8.5.0+2055+cc873159.tuxcare.els3

CVE-2021-21705: Fix SSRF bypass in FILTERVALIDATEURL adding additional check ups...

5.3CVSS6.8AI score0.00294EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by