CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

137 matches found

RedhatCVE•added 2026/06/05 7:46 p.m.•5 views

CVE-2026-6745

A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may...

5.1CVSS4.1AI score0.00191EPSS

Exploits0References1

EUVD•added 2026/06/03 12:30 a.m.•7 views

EUVD-2026-34062

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

6.5CVSS5.3AI score0.00243EPSS

Exploits0References7

Positive Technologies•added 2026/06/01 12:0 a.m.•9 views

PT-2026-45222

A security vulnerability has been detected in Metasoft 美特软件 MetaCRM 6.4.0. The impacted element is an unknown function of the file develop/systparam/softlogo/upload.jsp. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed publicly an...

6.5CVSS6.2AI score0.00201EPSS

Exploits0References6

ATTACKERKB•added 2026/05/25 8:45 a.m.•5 views

CVE-2026-9443

A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated...

9CVSS7.8AI score0.00751EPSS

Exploits0References4Affected Software1

NVD•added 2026/05/10 9:16 a.m.•13 views

CVE-2026-8241

A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed ...

6.9CVSS0.00292EPSS

Exploits0References5

EUVD•added 2026/05/10 3:33 a.m.•4 views

EUVD-2026-28950

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9CVSS5.7AI score0.00403EPSS

Exploits0References5

Cvelist•added 2026/04/12 4:15 a.m.•33 views

CVE-2026-6116 Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is...

10CVSS0.01803EPSS

Exploits0References5

Positive Technologies•added 2026/04/06 12:0 a.m.•2 views

PT-2026-30563

A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowed equip report.php of the component Parameter Handler. The manipulation of the argument Home leads to sql injection. It is possible to initiate the attack remotel...

6.5CVSS5.7AI score0.00204EPSS

Exploits0References7

ATTACKERKB•added 2026/03/23 6:37 p.m.•2 views

CVE-2026-4595

A vulnerability was determined in code-projects Exam Form Submission 1.0. This vulnerability affects unknown code of the file /admin/updates6.php. Executing a manipulation of the argument sname can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly...

4.8CVSS4AI score0.00206EPSS

Exploits0References8Affected Software1

EUVD•added 2026/02/27 12:31 a.m.•3 views

EUVD-2026-8969

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly...

9CVSS8.4AI score0.00746EPSS

Exploits1References6

NVD•added 2026/02/16 3:18 p.m.•6 views

CVE-2026-2562

A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function caststreen of the file /jdcapi of the component jdcwebrpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. Th...

8.8CVSS0.00317EPSS

Exploits0References4

RedhatCVE•added 2025/11/18 12:11 a.m.•12 views

CVE-2025-13253

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /addlibrarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly...

8.8CVSS7AI score0.00307EPSS

Exploits1References1

RedhatCVE•added 2025/11/01 6:55 p.m.•15 views

CVE-2025-12546

A vulnerability was determined in LogicalDOC Community Edition up to 9.2.1. This affects an unknown part of the component API Key creation UI. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized...

5.4CVSS5.5AI score0.0023EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2025-18367

Malicious code in bioql PyPI...

9CVSS8.8AI score0.03216EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-16922

Malicious code in bioql PyPI...

9CVSS8.8AI score0.00759EPSS

Exploits1References7