CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

154 matches found

Paraiciel SQL injection vulnerability

Paroiciel is an parish management information system developed by the French company Paroiciel. Version 11.20 of Paroiciel contains a SQL injection vulnerability. This vulnerability stems from the zProIdPro parameter, which allows for SQL injections. This could enable authenticated attackers to...

7.1CVSS6.1AI score0.00026EPSS

Exploits0References4

CVE•added 2026/03/26 11:39 a.m.•4 views

CVE-2018-25206

KomSeo Cart 1.3 contains an SQL injection in edit.php via the my_item_search parameter. Attackers can submit POST payloads to perform boolean-based blind or error-based injections to extract sensitive database information. The vulnerability has high impact on confidentiality (C) and low impact on...

8.8CVSS5.9AI score0.0005EPSS

Exploits0References3

ATTACKERKB•added 2026/03/12 3:36 p.m.•0 views

CVE-2019-25479

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

8.8CVSS5.9AI score0.00123EPSS

Exploits0References2

ATTACKERKB•added 2026/02/22 2:12 p.m.•2 views

CVE-2019-25460

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' GET parameter. Attackers can send requests to the arama endpoint with malicious 'q' values using time-based SQL...

8.8CVSS5.9AI score0.00106EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/02/22 1:18 p.m.•23 views

CVE-2019-25452 Dolibarr ERP/CRM 10.0.1 SQL Injection via elemid

Dolibarr ERP/CRM 10.0.1 contains an SQL injection vulnerability in the elemid POST parameter of the viewcat.php endpoint that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit crafted POST requests with malicious SQL payloads in the elemid parameter to extrac...

8.8CVSS0.00131EPSS

Exploits1References2

RedhatCVE•added 2026/01/07 9:9 a.m.•4 views

CVE-2024-2088

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxsgetExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...

8.5CVSS6.4AI score0.00434EPSS

Exploits0References1