CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

CVE•added 2026/03/25 10:51 p.m.•7 views

CVE-2026-33912

OpenEMR prior to 8.0.0.3 is affected by a reflected XSS in ajax_download.php via the reportID parameter. An authenticated attacker could submit a malicious form, causing arbitrary JavaScript to run in the victim’s browser session. Root cause: input in reportID not properly sanitized. Affected pro...

5.4CVSS5.9AI score0.00022EPSS

Exploits0References4Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-4608

Malware in sbrugna...

6.1CVSS6.2AI score0.02938EPSS

Exploits5References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-3182

Malware in sbrugna...

9.8CVSS9.5AI score0.00311EPSS

Exploits3References3

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2024-53728

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00181EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-15159

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00086EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 7:4 a.m.•2 views

CVE-2024-57760

JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java...

6.5CVSS6.8AI score0.00181EPSS

Exploits1References1

CNNVD•added 2025/01/14 12:0 a.m.•3 views

JeeWMS 安全漏洞

JeeWMS is a JAVA-based warehouse management system from China Huayi JeeWMS. A security vulnerability exists in JeeWMS versions prior to v2025.01.01, which stems from a SQL injection vulnerability found via the ReportId parameter in /core/CGReportDao.java...

6.5CVSS7.8AI score0.00181EPSS

Exploits1References1

Vulnrichment•added 2025/01/14 12:0 a.m.•6 views

CVE-2024-57760

JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java...

6.8AI score0.00181EPSS

Exploits1References1

Positive Technologies•added 2025/01/14 12:0 a.m.•3 views

PT-2025-3554 · Jeewms · Jeewms

Name of the Vulnerable Software and Affected Versions: JeeWMS versions prior to v2025.01.01 Description: A SQL injection vulnerability was discovered in JeeWMS via the ReportId parameter at /core/CGReportDao.java. This issue allows for potential exploitation. Recommendations: For versions prior t...

6.5CVSS7AI score0.00181EPSS

Exploits1References7

CVE•added 2025/01/14 12:0 a.m.•46 views

CVE-2024-57760

CVE-2024-57760 affects JeeWMS prior to v2025.01.01. A SQL injection vulnerability exists via the ReportId parameter at /core/CGReportDao.java. The CVSS 3.1 base score is 6.5 (Confidentiality impact: High; other impacts: None/Not affected). Public documents confirm the issue and affected version r...

6.5CVSS8.3AI score0.00181EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/01/14 12:0 a.m.•7 views

CVE-2024-57760

JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java...

0.00181EPSS

Exploits1References1

Prion•added 2019/03/25 7:29 p.m.•12 views

Cross site scripting

A Reflected Cross Site Scripting XSS vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter...

4.3CVSS5.9AI score0.02938EPSS

Exploits5References2Affected Software1

OSV•added 2018/05/31 6:29 p.m.•0 views

CVE-2018-11140

The 'reportID' parameter received by the '/common/runreport.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection in particular, an error-based type...

9.8CVSS5.8AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by