CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5655 matches found

CNNVD•added 2025/12/05 12:0 a.m.•2 views

youlai-mall 安全漏洞

youlai-mall is a full-stack mall system by youlaitech open source. A security vulnerability exists in youlai-mall version 1.0.0 and 2.0.0, which stems from improper control of dynamic variables and may lead to remote attacks...

8.8CVSS6.6AI score0.00337EPSS

Exploits1References5

CNNVD•added 2025/11/20 12:0 a.m.•2 views

mall 访问控制错误漏洞

mall is an e-commerce system for macro individual developers, including frontend mall system and backend management system. An access control error vulnerability exists in mall 1.0.3 and earlier versions, which stems from improper access control and could lead to remote attacks...

6.5CVSS5.4AI score0.00196EPSS

Exploits1References5

Positive Technologies•added 2025/11/17 12:0 a.m.•3 views

PT-2025-47208

Name of the Vulnerable Software and Affected Versions itsourcecode Web-Based Internet Laboratory Management System version 1.0 Description A SQL injection issue exists in itsourcecode Web-Based Internet Laboratory Management System version 1.0. The issue is located in an unknown functionality of...

7.5CVSS7.2AI score0.00339EPSS

Exploits1References9

Positive Technologies•added 2025/11/16 12:0 a.m.•3 views

PT-2025-47080

Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 2.0 Description A security issue exists in code-projects Student Information System 2.0. The issue involves cross site scripting and impacts an unknown function within the /editprofile.php file...

5.1CVSS5.6AI score0.00219EPSS

Exploits1References7

Positive Technologies•added 2025/11/16 12:0 a.m.•3 views

PT-2025-47079

Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 2.0 Description A cross site scripting issue exists in code-projects Student Information System 2.0. The issue is located in the /register.php file within an unknown function. This manipulation...

5.3CVSS5.7AI score0.00306EPSS

Exploits1References8

Cvelist•added 2025/10/27 6:2 a.m.•9 views

CVE-2025-12231 projectworlds Expense Management System Expense Categories create cross site scripting

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

4.8CVSS0.00208EPSS

Exploits1References4

Positive Technologies•added 2025/10/27 12:0 a.m.•2 views

PT-2025-43934

Name of the Vulnerable Software and Affected Versions abhicodebox ModernShop version 20250922 Description A flaw exists in the processing of the /search file within abhicodebox ModernShop. Manipulation of the q argument can lead to cross site scripting, potentially allowing for remote attacks. Th...

5.3CVSS5.9AI score0.0028EPSS

Exploits1References7

CNNVD•added 2025/10/27 12:0 a.m.•3 views

LearnHouse 安全漏洞

LearnHouse is an online learning management system open-sourced by LearnHouse. A security vulnerability exists in LearnHouse 98dfad76aad70711a8113f6c1fdabfccf10509ca and prior versions, which originates in file /api/v1/assignments/assignmentid/tasks/taskid/subfile Improper control of resource...

7.5CVSS4.9AI score0.00337EPSS

Exploits1References4

CNNVD•added 2025/10/19 12:0 a.m.•2 views

70mai X200 访问控制错误漏洞

The 70mai X200 is a head-only car recorder from 70mai 70mai, a Chinese company. An access control error vulnerability exists in 70mai X200 20251010 and earlier versions, which stems from a lack of authentication in the pairing component and could lead to remote attacks...

9.8CVSS7.6AI score0.01123EPSS

Exploits1References5

RedhatCVE•added 2025/10/17 12:43 a.m.•13 views

CVE-2025-61330

A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak password for the root account in the /etc/shadow configuration or even the absence of any password a...

6.5CVSS7.2AI score0.00252EPSS

Exploits0References1

Cvelist•added 2025/10/16 12:0 a.m.•10 views

CVE-2025-61330

0.00252EPSS

Exploits0References1

Vulnrichment•added 2025/10/16 12:0 a.m.•4 views

CVE-2025-61330

6.9AI score0.00252EPSS

Exploits0References1

CNNVD•added 2025/10/12 12:0 a.m.•2 views

Tomofun Furbo 360 安全漏洞

Tomofun Furbo 360 is a smart pet camera from Tomofun Corporation of Taiwan, China. A security vulnerability exists in Tomofun Furbo 360 FB0035FW036 and prior versions, which stems from a resource consumption issue in the file upload component that could lead to remote attacks...

6.5CVSS5AI score0.00409EPSS

Exploits0References3

CNNVD•added 2025/10/12 12:0 a.m.•4 views

Tomofun Furbo 360和Tomofun Furbo Mini 信任管理问题漏洞

Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun Corporation of Taiwan, China. A trust management issue vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from improper...

6.3CVSS4.8AI score0.00235EPSS

Exploits0References4

CNNVD•added 2025/10/08 12:0 a.m.•2 views

OpnForm 代码问题漏洞

OpnForm is a form builder by Julien Nahum Personal Developer. A code issue vulnerability exists in OpnForm 1.9.3 and earlier versions, which stems from the presence of unrestricted upload functionality for files/answers, which could lead to remote attacks...

8.8CVSS6.7AI score0.00343EPSS

Exploits1References5