CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1826 matches found

CVE•added 2026/01/13 10:51 p.m.•11 views

CVE-2022-50806

CVE-2022-50806 affects 4images 1.9. The vulnerability is a remote command execution where authenticated administrators can inject reverse shell code through the template editing feature and execute commands via categories.php with a crafted cat_id parameter. Exploitation details and affected comp...

8.6CVSS7.5AI score0.01088EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2026/01/13 12:0 a.m.•3 views

PT-2026-2410

Name of the Vulnerable Software and Affected Versions Wing FTP Server versions 4.3.8 and below Description The software contains a remote code execution issue that allows attackers to execute arbitrary PowerShell commands. An attacker can leverage a crafted Lua script payload, base64-encoded with...

8.8CVSS8.2AI score0.00204EPSS

Exploits0References5

Positive Technologies•added 2026/01/13 12:0 a.m.•6 views

PT-2026-2363

Name of the Vulnerable Software and Affected Versions 4images version 1.9 Description The software contains a remote command execution issue. Authenticated administrators can inject reverse shell code through template editing functionality. Attackers can save malicious code in a template and...

8.6CVSS7.7AI score0.01088EPSS

Exploits1References8

OSV•added 2026/01/12 8:15 p.m.•3 views

CVE-2025-66802

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE Remote Code Execution. The application receives a reverse shell php into imagem of the user enabling RCE...

9.8CVSS5.8AI score0.00791EPSS

Exploits2References2

NVD•added 2026/01/12 8:15 p.m.•6 views

CVE-2025-66802

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE Remote Code Execution. The application receives a reverse shell php into imagem of the user enabling RCE...

9.8CVSS0.00791EPSS

Exploits2References2

EUVD•added 2026/01/12 12:0 a.m.•4 views

EUVD-2026-1913

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE Remote Code Execution. The application receives a reverse shell php into imagem of the user enabling RCE...

9.8CVSS6.5AI score0.00791EPSS

Exploits2References3

Positive Technologies•added 2026/01/12 12:0 a.m.•2 views

PT-2026-2297

Name of the Vulnerable Software and Affected Versions Sourcecodester Covid-19 Contact Tracing System version 1.0 Description The application is susceptible to Remote Code Execution RCE. It receives a reverse shell php into the user's image, enabling RCE. Recommendations At the moment, there is no...

9.8CVSS9.2AI score0.00791EPSS

Exploits2References5

Cvelist•added 2026/01/12 12:0 a.m.•20 views

CVE-2025-66802

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE Remote Code Execution. The application receives a reverse shell php into imagem of the user enabling RCE...

0.00791EPSS

Exploits2References2

CNNVD•added 2026/01/12 12:0 a.m.•2 views

SourceCodester Covid-19 Contact Tracing System 安全漏洞

SourceCodester Covid-19 Contact Tracing System is a new Crown Pneumonia contact tracing system open-sourced by SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester Covid-19 Contact Tracing System, which stems from the application receiving a reverse shell and could...

9.8CVSS9.4AI score0.00791EPSS

Exploits2References3

CVE•added 2026/01/12 12:0 a.m.•16 views

CVE-2025-66802

CVE-2025-66802 affects SourceCodester Covid-19 Contact Tracing System 1.0. The Red Hat, CIRCL, NVD and related records describe a Remote Code Execution vulnerability in which an attacker can obtain a reverse shell (PHP) by exploiting the application’s handling of user-provided content, notably im...

9.8CVSS6.6AI score0.00791EPSS

Exploits2References2Affected Software1

Vulnrichment•added 2026/01/12 12:0 a.m.•1 views

CVE-2025-66802

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE Remote Code Execution. The application receives a reverse shell php into imagem of the user enabling RCE...

6.6AI score0.00791EPSS

Exploits2References2

GithubExploit•added 2026/01/11 7:48 p.m.•395 views

SweetRice1.5.1-Authenticated-RCE-Exploit

SweetRice CMS 1.5.1 – Authenticated Remote Code Execution RCE...

7.9AI score

Exploits0

GithubExploit•added 2026/01/11 7:59 a.m.•159 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Vulnerability Detection and Exploitation Tool...

10CVSS7.4AI score0.99562EPSS

Exploits366

RedhatCVE•added 2026/01/09 11:58 a.m.•4 views

CVE-2018-19977

A command injection missing input validation, escaping in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker simple user -- in the same network as the device -- to trigger OS commands like starting telnetd or openin...

8CVSS7.6AI score0.04183EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:29 a.m.•5 views

CVE-2021-27130

Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload...

9.8CVSS8AI score0.02231EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:48 a.m.•5 views

CVE-2025-23317

NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information...

9.8CVSS7AI score0.01829EPSS

Exploits0References1

GithubExploit•added 2026/01/06 10:29 p.m.•140 views

Malware-Analysis-Project-SLMAIL-5.5-BOF-

Malware Analysis Project Introduction to exploit development w...

7.5AI score

Exploits0

GithubExploit•added 2026/01/04 8:47 p.m.•148 views

XLST-XML-PAYLOAD-GENERATOR

XLST-XML-PAYLOAD-GENERATOR This project is a...

8.6AI score

Exploits0