CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/03/27 12:31 p.m.•13 views

CVE-2025-2846 SourceCodester Online Eyewear Shop Registration Users.php registration sql injection

7.5CVSS7.5AI score0.00544EPSS

Cvelist•added 2025/03/27 12:31 p.m.•11 views

CVE-2025-2846 SourceCodester Online Eyewear Shop Registration Users.php registration sql injection

7.5CVSS0.00544EPSS

CVE•added 2025/03/27 12:31 p.m.•54 views

CVE-2025-2846

CVE-2025-2846 affects SourceCodester Online Eyewear Shop 1.0. The vulnerability resides in the registration function at /oews/classes/Users.php?f=registration, where manipulating the ID parameter leads to SQL injection. It is exploitable remotely and the exploit has been disclosed publicly. Conne...

9.8CVSS7.5AI score0.00544EPSS

Exploits1References5Affected Software1

CNNVD•added 2025/03/27 12:0 a.m.•2 views

SourceCodester Online Eyewear Shop 注入漏洞

SourceCodester Online Eyewear Shop is a SourceCodester open source online eyewear store website project developed using PHP and MySQL, which provides an online shopping and ordering platform for the eyewear business and its potential customers. An injection vulnerability exists in SourceCodester...

9.8CVSS8AI score0.00544EPSS

RedhatCVE•added 2025/03/25 5:21 p.m.•5 views

CVE-2025-2655

A vulnerability was detected in SourceCodester AC Repair and Services System 1.0. The affected element is the function saveusers/deleteusers of the file /classes/Users.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS7.5AI score0.00509EPSS

RedhatCVE•added 2025/03/25 4:18 p.m.•17 views

CVE-2025-2654

A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/services/manageservice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely...

9.8CVSS7.7AI score0.0049EPSS

RedhatCVE•added 2025/03/25 3:22 p.m.•15 views

CVE-2025-2651

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /oews/admin/. The manipulation leads to exposure of information through directory listing. It is possible to launch the attack remotely. The explo...

6.9CVSS7AI score0.00587EPSS

RedhatCVE•added 2025/03/25 3:22 p.m.•15 views

CVE-2025-2652

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can be launched...

7.5CVSS7AI score0.00604EPSS

RedhatCVE•added 2025/03/24 9:21 p.m.•23 views

CVE-2025-2626

A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This vulnerability affects unknown code of the file editcase.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has...

9.8CVSS7.9AI score0.00382EPSS

RedhatCVE•added 2025/03/23 9:17 p.m.•15 views

CVE-2025-2606

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/soulwinningcrud.php. The manipulation of the argument photo/photo1 leads to unrestricted upload. The...

6.5CVSS7.2AI score0.00296EPSS

RedhatCVE•added 2025/03/23 9:17 p.m.•17 views

CVE-2025-2604

A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file editact.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The...

6.5CVSS7.7AI score0.00282EPSS

RedhatCVE•added 2025/03/23 8:21 p.m.•16 views

CVE-2025-2602

A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file deactivatereg.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. T...

8.8CVSS7.9AI score0.0037EPSS

RedhatCVE•added 2025/03/23 8:21 p.m.•13 views

CVE-2025-2601

A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This affects an unknown part of the file activatereg.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. T...

8.8CVSS7.7AI score0.0037EPSS

NVD•added 2025/03/23 5:15 p.m.•9 views

CVE-2025-2655

9.8CVSS0.00509EPSS

Cvelist•added 2025/03/23 4:31 p.m.•25 views

CVE-2025-2655 SourceCodester AC Repair and Services System Users.php delete_users sql injection

7.5CVSS0.00509EPSS

Vulnrichment•added 2025/03/23 4:31 p.m.•7 views

CVE-2025-2655 SourceCodester AC Repair and Services System Users.php delete_users sql injection

7.5CVSS7.3AI score0.00509EPSS

CVE•added 2025/03/23 4:31 p.m.•60 views

CVE-2025-2655

SourceCodester AC Repair and Services System 1.0 is affected by CVE-2025-2655. The vulnerability resides in the save_users and delete_users functions in /classes/Users.php, where manipulation of the ID argument yields an SQL injection. The issue allows remote exploitation and, per the public disc...

9.8CVSS7.3AI score0.00509EPSS

Exploits1References6Affected Software1

NVD•added 2025/03/23 4:15 p.m.•10 views

CVE-2025-2654

9.8CVSS0.0049EPSS

Vulnrichment•added 2025/03/23 4:0 p.m.•9 views

CVE-2025-2654 SourceCodester AC Repair and Services System manage_service.php sql injection

7.5CVSS7.6AI score0.0049EPSS