CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/10/27 9:15 p.m.•7 views

CVE-2025-62524

5.3CVSS0.00042EPSS

Exploits0References2

CVE•added 2025/10/27 8:18 p.m.•6 views

CVE-2025-62524

PILOS (Frontend for BigBlueButton) before version 4.8.0 disclosed PHP version information via the X-Powered-By header, enabling server fingerprinting. The vulnerability originates from the base PHP image and can also be inferred from the PILOS footer or GitHub source. It has been patched in PILOS...

5.3CVSS6.2AI score0.00042EPSS

Exploits0References2Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-20826

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.0026EPSS

RedhatCVE•added 2025/07/11 3:42 p.m.•5 views

CVE-2025-7381

ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potential weaknesses. WorkaroundsThe mitigation requires changin...

5.3CVSS6.8AI score0.0026EPSS

NVD•added 2025/07/09 4:15 p.m.•2 views

CVE-2025-7381

5.3CVSS0.0026EPSS

OSV•added 2025/07/09 4:15 p.m.•1 views

CVE-2025-7381

5.3CVSS5.8AI score

CVE•added 2025/07/09 3:16 p.m.•12 views

CVE-2025-7381

CVE-2025-7381 affects Mautic-related Docker images and the PHP base image: an information-disclosure flaw where the X-Powered-By header reveals the PHP version, enabling server fingerprinting. Root cause is PHP’s expose_php behavior; attack surface is the header exposure rather than code executio...

5.3CVSS6.2AI score0.0026EPSS

CNNVD•added 2025/07/09 12:0 a.m.•2 views

Mautic Docker Image 安全漏洞

Mautic Docker Image is a Mautic open source Docker image for Mautic. A security vulnerability exists in Mautic Docker Image that stems from exposing the PHP version via the X-Powered-By header, which could lead to server fingerprinting...

5.3CVSS6.7AI score0.0026EPSS

Positive Technologies•added 2025/07/09 12:0 a.m.•1 views

PT-2025-28900 · Php · Php

Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Description: This is an information disclosure issue originating from PHP’s base image. The vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint...

5.3CVSS6.1AI score0.0026EPSS

Exploits0References5

Packet Storm•added 2018/05/22 12:0 a.m.•39 views

Boerse.de Cross SIte Scripting

Exploit Title: Reflected XSS at Boerse DE Date: 22.05.2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.boerse.de Software Link: Website Version: 1.0.0 Tested on: Google Chrome / Mozilla FireFox Reflected XSS Payload : " " " PoC : General : Request URL:...

7.4AI score

Openbugbounty•added 2018/01/31 7:45 p.m.•7 views

mylocal.mcall.com XSS vulnerability

Open Bug Bounty ID: OBB-550532 Description| Value ---|--- Affected Website:| mylocal.mcall.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Powered by OwnLocal Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6AI score

Openbugbounty•added 2018/01/31 7:37 p.m.•9 views

local.argusobserver.com XSS vulnerability

Open Bug Bounty ID: OBB-550513 Description| Value ---|--- Affected Website:| local.argusobserver.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Powered by OwnLocal Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6AI score

Openbugbounty•added 2018/01/31 7:10 p.m.•11 views

local.theargus.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-550459 Description| Value ---|--- Affected Website:| local.theargus.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Powered by OwnLocal Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6AI score

Citrix•added 2017/09/15 12:0 a.m.•5 views

To delete two headers in HTTP Response

In certain cases, we do not want to parse the HTTP headers to the end Client. NetScaler can do this job by deleting the HTTP header received from the Server. We can use Rewrite feature of NetScaler to achieve this. Configuration AppExperts Rewrite. Step 1 : To remove HTTP header named "Server" CL...

7AI score

seebug.org•added 2015/01/15 12:0 a.m.•28 views

LebiShop系统sql注入

简要描述：官网 http://www.lebi.cn/ demo站点 http://demo.lebi.cn/ 详细说明：用google搜索关键词 intext:Powered by LebiShop 或者google搜索关键词 Powered by LebiShop inurl:Category.aspx 部分案例 http://168dev.com/lebishop/Category.aspx http://oa.psy123.com.cn/AllCategories.aspx http://www.huacaiye.com/Category.aspx?tid=1...

7AI score

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Info Fisier 1.0 - SQL Injection Vulnerability

No description provided by source. ==================================================================================== + Info Fisier 1.0 SQL Injection Vulnerability + Software : Info Fisier 1.0 + Author : AnGrY BoY + Contact : [email protected] & [email protected] + Home :...

seebug.org•added 2014/07/01 12:0 a.m.•40 views

F3Site <= 2.1 - Remote Code Execution Exploit

No description provided by source. ? // //Kacper & str0ke Settings $exploitname = F3Site = 2.1 Remote Code Execution Exploit; $scriptname = F3Site 2.1; $scriptsite = http://dhost.info/compmaster/; $dork = 'Powered by F3Site'; //to work exploit you need admin session, and cookies prefix // print '...

seebug.org•added 2014/07/01 12:0 a.m.•31 views

crownweb (page.cfm) SQL Injection Vulnerability

No description provided by source. crownweb page.cfm Sql Injection Vulnerability =================================================================== .:. Email : [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : crownweb .:. Language : Cfm .:. Script Download:...

seebug.org•added 2014/07/01 12:0 a.m.•21 views

Rebus:list (list.php, list_id param) - SQL Injection Vulnerability

No description provided by source. Exploit Title: Rebus:list SQL Injection Vulnerability Date: 3/18/2013 Vendor Homepage: http://www.ptfs-europe.com/products/rebus/rebuslist/ Author: Robert Cooper robert.cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable Parameters: listid= Google...