CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

RedhatCVE•added 2026/01/07 9:17 a.m.•6 views

CVE-2025-1599

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profilecrud.php. The manipulation of the argument oldcatimg leads to path traversal: '../filedir'. The...

9.1CVSS6.7AI score0.00152EPSS

Exploits1References1

NVD•added 2025/11/03 3:15 a.m.•3 views

CVE-2025-12614

A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function deletepayment of the file /adminclass.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made...

9.8CVSS0.00029EPSS

Exploits1References5

NVD•added 2025/11/02 12:15 p.m.•2 views

CVE-2025-12597

A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function savecategory of the file /adminclass.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploit...

9.8CVSS0.00029EPSS

Exploits1References5

CNNVD•added 2025/11/02 12:0 a.m.•1 views

SourceCodester Best House Rental Management System SQL注入漏洞

SourceCodester Best House Rental Management System is a SourceCodester open source house rental management system. SourceCodester Best House Rental Management System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the parameter Name of the...

9.8CVSS5.6AI score0.00029EPSS

Exploits1References6

RedhatCVE•added 2025/10/14 5:40 a.m.•4 views

CVE-2025-11662

A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulation of the argument servid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the...

9.8CVSS7.5AI score0.00042EPSS

Exploits1References1

OSV•added 2025/10/13 5:15 a.m.•1 views

CVE-2025-11662

9.8CVSS5.7AI score0.00042EPSS

Exploits1References5

NVD•added 2025/10/13 5:15 a.m.•2 views

CVE-2025-11662

9.8CVSS0.00042EPSS

Exploits1References5

CNNVD•added 2025/10/13 12:0 a.m.•2 views

SourceCodester Best Salon Management System SQL注入漏洞

SourceCodester Best Salon Management System is a SourceCodester open source salon management system. SourceCodester Best Salon Management System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the parameter servid in the file /booking.php,...

9.8CVSS7.9AI score0.00042EPSS

Exploits1References5

Vulnrichment•added 2025/10/11 9:32 p.m.•3 views

CVE-2025-11615 SourceCodester Best Salon Management System add_invoice.php sql injection

A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/addinvoice.php. Performing manipulation of the argument ServiceId results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

7.5CVSS6.5AI score0.00042EPSS

Exploits1References5