7 matches found
CVE-2025-59920
When hours are entered in time@work, version 7.0.5, it performs a query to display the projects assigned to the user. If the query URL is copied and opened in a new browser window, the ‘IDClient’ parameter is vulnerable to a blind authenticated SQL injection. If the request is made with the TWAdm...
Linux Distros Unpatched Vulnerability : CVE-2025-6428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing...
WideStand CMS Cross-Site Scripting Vulnerability
WideStand CMS is a content management system from WideStand, Inc. A cross-site scripting vulnerability exists in WideStand CMS versions prior to 5.3.5 that stems from the direct use of the query's URL content to generate one of the meta tags, which would allow an attacker to inject HTML/Javascrip...
bakerenogkokken.no XSS vulnerability
Open Bug Bounty ID: OBB-611184

Description | Value
---|---
Affected Website: | bakerenogkokken.no
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
hik-connect.com / ezvizlife.com Authentication Bypass
There is a full write up of this bug here: https://medium.com/@evstykas/hackvision-8f50924e56d Vulnerability Security Advisory ======================================================================= title: No validation on cookie values product: hik-connect.com and ezvizlife.com vulnerable versio...
PHP-Nuke 6.x < 7.6 Top module - SQL Injection
/bin/bash This is just basically modules.php?name=Top&querylang=union%20select%200,pwd,0,0%20from%20nukeauthors%20where%20radminsuper=1 works though /str0ke PHPNuke Top Module Remote SQL Injection by Fabrizi Andrea 2005 andrea.fabrizi at gmail.com Work with the PHPNuke latest version! URL=$1;...
Windows Indexing Services Cross-Site Scripting
It's possible to compromise a client by inserting JavaScript into the query URL...