CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2593 matches found

RedhatCVE•added 2025/04/18 1:52 a.m.•20 views

CVE-2024-40071

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via idgenerator/classes/SystemSettings.php?f=updatesettings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

9.8CVSS8.3AI score0.00598EPSS

Exploits1References1

RedhatCVE•added 2025/04/17 2:51 a.m.•10 views

CVE-2020-18243

SQL injection vulnerability found in Enricozab CMS v.1.0 allows a remote attacker to execute arbitrary code via /hdo/hdo-view-case.php...

6.5CVSS8.7AI score0.0037EPSS

Exploits0

CNNVD•added 2025/04/17 12:0 a.m.•2 views

WordPress plugin Hotel Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS8.3AI score0.00542EPSS

Exploits0References1

CNNVD•added 2025/04/17 12:0 a.m.•1 views

WordPress plugin Smart Agreements 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

7.5CVSS7.7AI score0.00576EPSS

Exploits0References1

NVD•added 2025/04/16 5:15 p.m.•16 views

CVE-2024-40071

9.8CVSS0.00598EPSS

Exploits1References1

Vulnrichment•added 2025/04/16 12:0 a.m.•8 views

CVE-2024-40071

8.4AI score0.00598EPSS

Exploits1References1

CNNVD•added 2025/04/16 12:0 a.m.•1 views

WordPress plugin WPCOM Member 安全漏洞

8.8CVSS8.6AI score0.00606EPSS

Exploits0References1

CNNVD•added 2025/04/11 12:0 a.m.•4 views

WordPress plugin Build App Online 安全漏洞

9.8CVSS8.6AI score0.00669EPSS

Exploits0References3

CNNVD•added 2025/04/11 12:0 a.m.•3 views

WordPress plugin FAT Cooming Soon 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...

8.1CVSS8.3AI score0.00758EPSS

Exploits0References3

CNNVD•added 2025/04/11 12:0 a.m.•2 views

WordPress plugin Ultimate Bootstrap Elements for Elementor 安全漏洞

8.1CVSS8.4AI score0.00758EPSS

Exploits0References3

Positive Technologies•added 2025/04/11 12:0 a.m.•3 views

PT-2025-16041 · WordPress · Mailhawk

Name of the Vulnerable Software and Affected Versions: Adrian Tobey WordPress SMTP Service, Email Delivery Solved! — MailHawk versions 1.3.1 and earlier Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File...

7.5CVSS7.9AI score0.00721EPSS

Exploits0References6

CNNVD•added 2025/04/10 12:0 a.m.•4 views

WordPress plugin JetCompareWishlist 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...

7.5CVSS7.8AI score0.0051EPSS

Exploits0References1

Exploit DB•added 2025/04/10 12:0 a.m.•245 views

flatCore 1.5.5 - Arbitrary File Upload

Exploit Title: flatCore 1.5.5 - Arbitrary File Upload Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/flatCore/flatCore-CMS Software Link: https://github.com/flatCore/flatCore-CMS Version: 1.5.5 Tested on: Ubuntu Windows CVE : CVE-2019-10652 PoC： 1 1. Access the...

7.2CVSS7.1AI score0.0709EPSS

Exploits3

NVD•added 2025/04/09 5:15 p.m.•6 views

CVE-2025-32499

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpWax Logo Showcase Ultimate logo-showcase-ultimate allows PHP Local File Inclusion.This issue affects Logo Showcase Ultimate: from n/a through = 1.4.4...

6.5CVSS0.00591EPSS

Exploits0References1

CVE•added 2025/04/09 12:0 a.m.•64 views

CVE-2025-32461

CVE-2025-32461 affects Tiki Wiki CMS Groupware prior to 28.3, via wikiplugin_includetpl.php in lib/wiki-plugins/wikiplugin_includetpl.php, which mishandles input to an eval and can enable remote code execution. Affected versions include 21.12-, 24.8-, 27.2-, and 28.0–28.3. Fixed versions are 21.1...

9.9CVSS7.1AI score0.00778EPSS

Exploits1References8

CNNVD•added 2025/04/09 12:0 a.m.•3 views

WordPress plugin WP Subscription Forms 安全漏洞

7.5CVSS7.9AI score0.00712EPSS

Exploits0References1

OSV•added 2025/04/04 4:15 p.m.•1 views

CVE-2025-32146

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2...

8.8CVSS5.8AI score0.00613EPSS

Exploits0References1

CNNVD•added 2025/04/04 12:0 a.m.•4 views

WordPress plugin Radius Blocks 安全漏洞

7.5CVSS7.9AI score0.00785EPSS

Exploits0References1

CNNVD•added 2025/04/04 12:0 a.m.•4 views

WordPress plugin MasterStudy LMS 安全漏洞

8.8CVSS8.6AI score0.00542EPSS

Exploits0References1

CNNVD•added 2025/04/04 12:0 a.m.•7 views

WordPress plugin Fami WooCommerce Compare 安全漏洞