CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-8533

Malware in sbrugna...

8.8CVSS8.8AI score0.00134EPSS

Exploits0References3

NVD•added 2024/05/17 12:15 p.m.•9 views

CVE-2024-5043

A vulnerability was found in Emlog Pro 2.3.4 and classified as critical. Affected by this issue is some unknown functionality of the file admin/setting.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be...

8.8CVSS4.7AI score0.00115EPSS

Exploits1References4

Vulnrichment•added 2024/05/17 11:31 a.m.•13 views

CVE-2024-5043 Emlog Pro setting.php unrestricted upload

5.8CVSS6.7AI score0.00115EPSS

Exploits1References4

Cvelist•added 2024/05/13 12:31 a.m.•14 views

CVE-2024-4809 SourceCodester Open Source Clinic Management System setting.php unrestricted upload

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload. The attack can be launched...

6.5CVSS6.7AI score0.00365EPSS

Exploits1References4

Vulnrichment•added 2024/05/13 12:31 a.m.•10 views

CVE-2024-4809 SourceCodester Open Source Clinic Management System setting.php unrestricted upload

6.5CVSS6.9AI score0.00365EPSS

Exploits1References4

OSV•added 2024/01/31 8:15 p.m.•0 views

CVE-2024-1115

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to os command injection. The attack may be initiated remotely. The exploit h...

9.8CVSS5.5AI score

Exploits0References3

Vulnrichment•added 2024/01/31 8:0 p.m.•6 views

CVE-2024-1115 openBI Setting.php dlfile os command injection

7.5CVSS7.9AI score0.00476EPSS

Exploits0References3

CNNVD•added 2024/01/31 12:0 a.m.•2 views

openBI 操作系统命令注入漏洞

openBI is a big data visualization solution from openBI Inc. An OS command injection vulnerability exists in openBI prior to version 1.0.8, which stems from a problem with the dlfile function of the /application/websocket/controller/Setting.php file, which could lead to OS command injection...

9.8CVSS7.2AI score0.00476EPSS

Exploits0References4

OSV•added 2022/03/31 6:15 p.m.•12 views

CVE-2021-42866

A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php...

4.8CVSS6.5AI score

Exploits0References1

Prion•added 2022/03/31 6:15 p.m.•10 views

Cross site scripting

A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php...

3.5CVSS5AI score0.00235EPSS

Exploits1References1Affected Software1

OSV•added 2021/08/17 6:15 p.m.•7 views

CVE-2021-29056

Cross Site Scripting XSS vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php...

4.8CVSS5.8AI score

Exploits0References1

Prion•added 2021/08/17 6:15 p.m.•9 views

Cross site scripting

Cross Site Scripting XSS vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php...

3.5CVSS4.9AI score0.00197EPSS

Exploits1References1Affected Software1

CVE•added 2021/08/17 5:23 p.m.•30 views

CVE-2021-29056

Pixelimity 1.0 is affected by a Cross Site Scripting (XSS) vulnerability that can be triggered via an HTTP POST parameter to admin/setting.php. The root cause is a lack of proper validation/sanitization of client-side data in the web app. The impact is client-side code execution, potentially affe...

4.8CVSS4.8AI score0.00197EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/17 5:23 p.m.•12 views

CVE-2021-29056

Cross Site Scripting XSS vulnerability exists in Pixelimity 1.0 via the HTTP POST parameter to admin/setting.php...

5.1AI score0.00197EPSS

Exploits1References1

Packet Storm•added 2021/02/03 12:0 a.m.•275 views

Pixelimity 1.0 Cross Site Request Forgery

Exploit Title: Pixelimity 1.0 - 'password' Cross-Site Request Forgery Date: 2020-06-03 Exploit Author: Noth Vendor Homepage: https://github.com/pixelimity/pixelimity Software Link: https://github.com/pixelimity/pixelimity Version: v1.0 CVE : 2020-23522 Pixelimity 1.0 has cross-site request forger...

6CVSS0.3AI score0.00191EPSS

Exploits2

Exploit DB•added 2021/02/03 12:0 a.m.•291 views

Pixelimity 1.0 - 'password' Cross-Site Request Forgery

7.4AI score

Exploits0

NVD•added 2021/01/19 1:15 p.m.•7 views

CVE-2020-23522

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data Password parameter...

6.8CVSS6.7AI score0.00191EPSS

Exploits2References2

OSV•added 2021/01/19 1:15 p.m.•9 views

CVE-2020-23522

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data Password parameter...

6.8CVSS6.9AI score

Exploits0References2

Cvelist•added 2021/01/19 12:7 p.m.•11 views

CVE-2020-23522

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data Password parameter...

6.7AI score0.00191EPSS

Exploits2References2

CVE•added 2021/01/19 12:7 p.m.•54 views

CVE-2020-23522

Pixelimity 1.0 is affected by a Cross-Site Request Forgery vulnerability in the admin/setting.php data [Password] parameter. The issue is documented across multiple feeds (NVD/Red Hat/CIRCL/CNVD, PacketStorm) and is demonstrated by a PoC showing a forged request could leverage the Password field....

6.8CVSS6.6AI score0.00191EPSS

Exploits2References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by