CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-21772

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01871EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 7:29 a.m.•4 views

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

8.8CVSS7.9AI score0.01871EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:57 p.m.•9 views

CVE-2022-32409

A local file inclusion LFI vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request...

9.8CVSS7.5AI score0.66547EPSS

Exploits1References1

NVD•added 2024/02/08 1:15 a.m.•12 views

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

8.8CVSS8.9AI score0.01871EPSS

OSV•added 2024/02/08 1:15 a.m.•0 views

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

8.8CVSS6.1AI score

Exploits0References2

Prion•added 2024/02/08 1:15 a.m.•10 views

Unrestricted file upload

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

6.5CVSS8.4AI score0.01871EPSS

Exploits1References2Affected Software1

CVE•added 2024/02/08 12:0 a.m.•37 views

CVE-2024-24350

CVE-2024-24350 corresponds to a file upload vulnerability in Software Publico e-Sic Livre, affecting version 2.0 and earlier. The issue arises from the extension filtering component, enabling a remote attacker to upload crafted payloads that may lead to arbitrary code execution. The NVD/Red Hat a...

8.8CVSS8.8AI score0.01871EPSS

Exploits1References2Affected Software1

Cvelist•added 2024/02/08 12:0 a.m.•16 views

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

9.1AI score0.01871EPSS

Vulnrichment•added 2024/02/08 12:0 a.m.•6 views

CVE-2024-24350

File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component...

8.9AI score0.01871EPSS

NVD•added 2022/07/14 10:15 p.m.•17 views

CVE-2022-34093

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php...

6.1CVSS0.02517EPSS

NVD•added 2022/07/14 10:15 p.m.•10 views

CVE-2022-34094

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

6.1CVSS0.01908EPSS

NVD•added 2022/07/14 10:15 p.m.•12 views

CVE-2022-32409

9.8CVSS0.66547EPSS

NVD•added 2022/07/14 10:15 p.m.•9 views

CVE-2022-34092

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via svg2img.php...

6.1CVSS0.00395EPSS

Prion•added 2022/07/14 10:15 p.m.•22 views

Cross site scripting

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via accesstoken.php...

4.3CVSS6AI score0.02517EPSS

Prion•added 2022/07/14 10:15 p.m.•17 views

Cross site scripting

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

4.3CVSS6AI score0.01908EPSS

Prion•added 2022/07/14 10:15 p.m.•14 views

Cross site scripting

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via svg2img.php...

4.3CVSS6AI score0.00395EPSS

Prion•added 2022/07/14 10:15 p.m.•25 views

Cross site request forgery (csrf)

7.5CVSS9.3AI score0.66547EPSS

Exploits1References2Affected Software1

CVE•added 2022/07/14 9:24 p.m.•86 views

CVE-2022-34094

i3geo v7.0.5 has a cross-site scripting (XSS) flaw exposed via request_token.php . The connected nuclei template confirms the vulnerability and describes impact as attackers injecting JavaScript into parameters that run in users’ browsers (potential token/session risks). Remediation in the connec...

6.1CVSS6AI score0.01908EPSS

Cvelist•added 2022/07/14 9:24 p.m.•12 views

CVE-2022-34094

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting XSS vulnerability via requesttoken.php...

6.2AI score0.01908EPSS