CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-31852

Malicious code in bioql PyPI...

7.2CVSS7AI score0.03075EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-31851

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00675EPSS

RedhatCVE•added 2025/05/22 10:36 p.m.•4 views

CVE-2022-27349

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS8.2AI score0.03075EPSS

CNVD•added 2022/04/15 12:0 a.m.•20 views

Social Codia SMS Arbitrary File Upload Vulnerability

Social Codia SMS is an inventory management system from Social Codia India. v1.0 of Social Codia SMS is vulnerable to arbitrary file uploads, which can be exploited by attackers to execute arbitrary code via crafted PHP files...

7.2CVSS6.1AI score0.03075EPSS

CNVD•added 2022/04/15 12:0 a.m.•21 views

Social Codia SMS Cross-Site Scripting Vulnerability

Social Codia SMS is an inventory management system from Social Codia India. v1.0 of Social Codia SMS is vulnerable to a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary Web script or HTML by injecting a specially crafted payload into the post title text...

4.8CVSS3.6AI score0.00675EPSS

ATTACKERKB•added 2022/04/08 9:15 a.m.•1 views

CVE-2022-27349

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS6.2AI score0.03075EPSS

NVD•added 2022/04/08 9:15 a.m.•8 views

CVE-2022-27349

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS0.03075EPSS

OSV•added 2022/04/08 9:15 a.m.•2 views

CVE-2022-27348

4.8CVSS5.9AI score0.00675EPSS

ATTACKERKB•added 2022/04/08 9:15 a.m.•2 views

CVE-2022-27348

4.8CVSS6.1AI score0.00675EPSS

OSV•added 2022/04/08 9:15 a.m.•1 views

CVE-2022-27349

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.2CVSS6.1AI score0.03075EPSS

NVD•added 2022/04/08 9:15 a.m.•13 views

CVE-2022-27348

4.8CVSS0.00675EPSS

Prion•added 2022/04/08 9:15 a.m.•9 views

Cross site scripting

3.5CVSS5AI score0.00675EPSS

Exploits3References3Affected Software1

CVE•added 2022/04/08 8:23 a.m.•70 views

CVE-2022-27348

CVE-2022-27348 affects Social Codia SMS v1 (inventory management system). The connected documents confirm a stored cross-site scripting (XSS) vulnerability in add_post.php, where an attacker can inject a crafted payload into the Post Title text field to execute arbitrary web scripts/HTML. Root ca...

4.8CVSS5AI score0.00675EPSS

Exploits3References3Affected Software1

CVE•added 2022/04/08 8:23 a.m.•70 views

CVE-2022-27349

CVE-2022-27349 affects Social Codia SMS v1. The vulnerability is an arbitrary file upload via addteacher.php, allowing code execution through a crafted PHP file. Public references and PoCs show uploading a web shell (e.g., lmao.php) through the image field and accessing it at /img/lmao.php after ...

7.2CVSS7.3AI score0.03075EPSS

Exploits3References3Affected Software1

Cvelist•added 2022/04/08 8:23 a.m.•12 views

CVE-2022-27349

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

7.6AI score0.03075EPSS