CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/09/27 7:33 p.m.•15 views

CVE-2025-11037

A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/adminindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack may be initiated remotely. The exploit has been released to th...

7.5CVSS7AI score0.00064EPSS

Exploits1References1

OSV•added 2023/12/28 3:15 a.m.•1 views

CVE-2023-7124

A vulnerability, which was classified as problematic, was found in code-projects E-Commerce Site 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument keyword with the input leads to cross site scripting. It is possible to launch the attack remotely. The...

6.1CVSS4AI score

Exploits0References3

Packet Storm•added 2023/06/05 12:0 a.m.•273 views

Total CMS 1.7.4 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score

Exploits0

SUSE CVE•added 2023/02/15 5:36 a.m.•3 views

SUSE CVE-2013-4415

Multiple cross-site scripting XSS vulnerabilities in Spacewalk and Red Hat Network RHN Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 whereCriteria variable in a software channels search; 2 endyear, 3 starthour, 4 endampm, 5 endday, 6 endhour, 7 endminute, 8...

4.3CVSS6AI score0.0033EPSS

Exploits0References5

Prion•added 2021/03/31 2:15 p.m.•12 views

Sql injection

PbootCMS 3.0.4 contains a SQL injection vulnerability through index.php via the search parameter that can reveal sensitive information through adding an admin account...

5CVSS7.7AI score0.00238EPSS

Exploits1References1Affected Software1

Packet Storm•added 2018/04/10 12:0 a.m.•31 views

iScripts SonicBB 1.0 Cross Site Scripting

Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9235 1. Description...

6.4AI score0.01265EPSS

Exploits5

Openbugbounty•added 2017/11/15 11:29 a.m.•16 views

safirperfum.ir XSS vulnerability

Open Bug Bounty ID: OBB-417450 Description| Value ---|--- Affected Website:| safirperfum.ir Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score

Exploits0

Cvelist•added 2015/03/11 2:0 p.m.•29 views

CVE-2010-5322

Cross-site scripting XSS vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php...

5.6AI score0.07602EPSS

Exploits1References10

NVD•added 2014/12/03 6:59 p.m.•10 views

CVE-2014-8772

Cross-site scripting XSS vulnerability in the searchcontroller in X3 CMS 0.5.1 and 0.5.1.1 allows remote authenticated users to inject arbitrary web script or HTML via the search parameter...

3.5CVSS5.3AI score0.00185EPSS

Exploits1References2

NVD•added 2009/12/30 8:0 p.m.•13 views

CVE-2009-4464

Cross-site scripting XSS vulnerability in searchadvance.asp in Active Business Directory 2 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

4.3CVSS5.7AI score0.02646EPSS

Exploits1References4