CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

github.com/traptitech/traq is vulnerable to Information Disclosure. The vulnerability is due to sensitive information such as OAuth tokens being recorded in SQL error log files when a query fails, which allows an attacker with log access to intentionally trigger errors and acquire the exposed dat...

5.9CVSS6.8AI score0.00116EPSS

Exploits0References5Affected Software1

CNNVD•added 2025/08/26 12:0 a.m.•1 views

traQ 日志信息泄露漏洞

traq is a PHP-based project management and issue tracking system by Jack Polgar, a personal developer. A log information disclosure vulnerability exists in versions of traQ prior to 3.25.0, which stems from recording sensitive information in SQL error logs, which could lead to information...

5.9CVSS6.3AI score0.00116EPSS

Exploits0References4

RedhatCVE•added 2025/06/23 8:41 a.m.•3 views

CVE-2025-44203

In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb.php before the 'create database' button is pressed. By sending malformed POST requests to this endpoint, the attacker may obtain the administrator username, password hash, and salt. In some cases, th...

7.5CVSS8AI score0.00082EPSS

Exploits1References1

OSV•added 2025/06/20 4:15 p.m.•4 views

CVE-2025-44203

7.5CVSS7.9AI score0.00082EPSS

Exploits1References2

NVD•added 2025/06/20 4:15 p.m.•3 views

CVE-2025-44203

7.5CVSS0.00082EPSS

Exploits1References2

Positive Technologies•added 2025/06/20 12:0 a.m.•2 views

PT-2025-26429 · Unknown +1 · Hoteldruid +1

Name of the Vulnerable Software and Affected Versions: HotelDruid version 3.0.7 Description: The issue allows an unauthenticated attacker to exploit verbose SQL error messages on the "creadb.php" endpoint before the 'create database' button is pressed. By sending malformed POST requests to this...

7.5CVSS6.5AI score0.00082EPSS

Exploits1References16

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by